gemeni-giveaway.com Open in urlscan Pro
54.37.93.153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://domil-for.com/%7B%7Bemail%7D%7D
Effective URL:
https://gemeni-giveaway.com/bonus/
Submission: On January 16 via manual (January 16th 2023, 11:21:19 pm UTC) from MA — Scanned from ES

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 54.37.93.153, located in France and belongs to OVH, FR. The main domain is gemeni-giveaway.com.
TLS certificate: Issued by R3 on January 16th 2023. Valid for: 3 months.

This is the only time gemeni-giveaway.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.37.93.159 54.37.93.159	16276 (OVH) (OVH)
17	54.37.93.153 54.37.93.153	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
28	7

1 54.37.93.159 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: cjip.my-machina.live

domil-for.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.37.93.153 (France)

ASN16276 (OVH, FR)
PTR: edval.nanogo.online

gemeni-giveaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

chart.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gemeni-giveaway.com gemeni-giveaway.com	2 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 chart.googleapis.com — Cisco Umbrella Rank: 21089	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
1	gstatic.com fonts.gstatic.com	27 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	44 KB
1	domil-for.com 1 redirects domil-for.com	243 B
28	7

	Domain	Requested by
17	gemeni-giveaway.com	gemeni-giveaway.com
4	chart.googleapis.com	gemeni-giveaway.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	gemeni-giveaway.com
1	www.googletagmanager.com	gemeni-giveaway.com
1	fonts.googleapis.com	gemeni-giveaway.com
1	domil-for.com	1 redirects
28	8

This site contains no links.

Subject Issuer	Validity	Valid
gemeni-giveaway.com R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gemeni-giveaway.com/bonus/
Frame ID: BAF4CF56FF4C8E344BBF11207BFC706C
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GEMINIBiggest giveaway CRYPTO of $100 000 000

Page URL History Show full URLs

https://domil-for.com/%7B%7Bemail%7D%7D HTTP 302
https://gemeni-giveaway.com/bonus/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1923 kB
Transfer

2080 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://domil-for.com/%7B%7Bemail%7D%7D HTTP 302
https://gemeni-giveaway.com/bonus/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
gemeni-giveaway.com/bonus/
Redirect Chain

https://domil-for.com/%7B%7Bemail%7D%7D
https://gemeni-giveaway.com/bonus/

34 KB
34 KB

214ms
61ms

Document
text/html

54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: a44787f8ed5d3c14c78bb44163ddbba621567a2897396246e7f5056c84e7acdc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 34800
Content-Type: text/html
Date: Mon, 16 Jan 2023 23:21:13 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sun, 15 Jan 2023 11:15:26 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 218
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 16 Jan 2023 23:21:13 GMT
Keep-Alive: timeout=5, max=100
Location: https://gemeni-giveaway.com/bonus/
Server: Apache

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 218ms
70ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd38ee1b1bd999c41c9abc88948ca65857a2e14bcffbf3cf025077e41ef2e8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 23:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 23:14:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 23:21:13 GMT

GET
H/1.1 200
OK style.css
gemeni-giveaway.com/bonus/css/ 16 KB
16 KB 177ms
61ms Stylesheet
text/css 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gemeni-giveaway.com/bonus/css/style.css
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: cb97f703ed49328ba957827fa65b7beee5af869418f12f66be2eb32ac8ea01e2

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Sun, 15 Jan 2023 11:06:14 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16045

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
44 KB 297ms
103ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129523657-8

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

713ceef45afe719032fe878e60949ade35452ab73a6704fd9c4f8fe3283424e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 23:21:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44175
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Jan 2023 23:21:13 GMT

GET
H/1.1 200
OK logo_black.png
gemeni-giveaway.com/bonus/img/ 6 KB
6 KB 69ms
61ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/logo_black.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: fdab4588da6eca28a4c5c21a157d0b68f152eb9b992534d15cf754856c0daa11

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Sun, 15 Jan 2023 11:04:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5783

GET
H/1.1 200
OK bage.png
gemeni-giveaway.com/bonus/img/ 485 B
726 B 251ms
60ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/bage.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 1ff8e2a1a3dcdc6029d50e5999e8f0d8d612494c48bc2f51039404151016a9aa

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 485

GET
H/1.1 200
OK qr.png
gemeni-giveaway.com/bonus/img/ 716 B
957 B 260ms
63ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/qr.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 8b84196f37d3748bed9b44ff942d7b5f078fa48515ada8945a8126319092b416

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 716

GET
H/1.1 200
OK creator.png
gemeni-giveaway.com/bonus/img/ 268 KB
269 KB 260ms
64ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/creator.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 446b5cc325be53fdd5280ba62b210520e7e8ef1b1fb6c8ab73cd0bcb88c9a1e6

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Sun, 15 Jan 2023 11:22:42 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 274926

GET
H/1.1 200
OK wallet.png
gemeni-giveaway.com/bonus/img/ 1 KB
1 KB 306ms
60ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/wallet.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: bed73c64518fd7e68e5a2d9da4295c4aa51b0a8f850d73a7eaa3d0ef2b3ba8fb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1083

GET
H/1.1 200
OK transfer.png
gemeni-giveaway.com/bonus/img/ 1 KB
1 KB 144ms
60ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/transfer.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 5c264d71b8239604906f09d18e8ae5ce73a8df8967e8d487491be180bf792978

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1101

GET
H/1.1 200
OK checkmark.png
gemeni-giveaway.com/bonus/img/ 1 KB
1 KB 205ms
61ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/checkmark.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 8c0a5a45f2fd614b25f96f1bbee1bd110f0f0f8d97d736758a9f48b8f4f2c9b8

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1129

GET
H/1.1 200
OK bonus.png
gemeni-giveaway.com/bonus/img/ 836 B
1 KB 155ms
61ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/bonus.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: c7b8a3c66c90f139e1a2e1412c4fb148efe3f7ccd77bd6189ed5233a5838e1fc

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 836

GET
H/1.1 200
OK popper.png
gemeni-giveaway.com/bonus/img/ 25 KB
25 KB 90ms
61ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/popper.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25477

GET
H2 200 chart
chart.googleapis.com/ 869 B
1 KB 426ms
202ms Image
image/png 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=bc1qpj2rkkr2qzaedxla9pak0hggt354q9k7dy2qhf&chld=L|1&choe=UTF-8

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

6214534d5290e6187ce58b7fd12abedcd8c9dcf800b4559c5ba0896723fa9953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 23:21:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 869
x-xss-protection: 1; mode=block
expires: Tue, 17 Jan 2023 23:21:14 GMT

GET
H2 200 chart
chart.googleapis.com/ 873 B
932 B 432ms
208ms Image
image/png 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=0x69b40588f409BF821fE10D6384C2D85E2ac7b03c&chld=L|1&choe=UTF-8

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

f46d06a1b2ee99fcabc58eb0147be470f6b4abf57ab02cfba27afdb8291d6344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 23:21:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 873
x-xss-protection: 1; mode=block
expires: Tue, 17 Jan 2023 23:21:14 GMT

GET
H2 200 chart
chart.googleapis.com/ 880 B
939 B 459ms
271ms Image
image/png 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=THCHBsCiKffDmRV4LZCa5zbZUE5tUUEEKr&chld=L|1&choe=UTF-8

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

2cc96ea8077f74ad07b10d08f4cf0e6fdf5d9c2253abec0516fd0fb04b202d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 23:21:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 880
x-xss-protection: 1; mode=block
expires: Tue, 17 Jan 2023 23:21:14 GMT

GET
H2 200 chart
chart.googleapis.com/ 876 B
935 B 397ms
210ms Image
image/png 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=bnb1vgar4g998wes2wccwcyqdp8qduyx24xvfz4wjq&chld=L|1&choe=UTF-8

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

2fd8fbc8a575cd2c0362625964cf6108431df8732d7a1096c98be255c3e3daec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 23:21:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 876
x-xss-protection: 1; mode=block
expires: Tue, 17 Jan 2023 23:21:14 GMT

GET
H/1.1 200
OK logo_white.png
gemeni-giveaway.com/bonus/img/ 6 KB
6 KB 60ms
60ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/logo_white.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: fdab4588da6eca28a4c5c21a157d0b68f152eb9b992534d15cf754856c0daa11

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Sun, 15 Jan 2023 11:04:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5783

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 139ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 23:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 393920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6uRasIMFXG9tWtOdoY1r3hX5mn%2B2SvpdKrMYhNzrcsHxGJkkBZuw40R5eisdJKGP2%2FvgxCI3hm0H%2Bmlk3MdptZMrwyx3NozvnwFn5jdb8ekcFUTLscPB0YFxE8RIlqs7KDdHLyo3ogwwoN2Cv7vd5eU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 78aa96149ac52fc9-MAD
expires: Sat, 06 Jan 2024 23:21:13 GMT

GET
H/1.1 200
OK script.js Show response
gemeni-giveaway.com/bonus/js/ 5 KB
5 KB 61ms
61ms Script
application/javascript 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gemeni-giveaway.com/bonus/js/script.js?v=3
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 0e55dc58d1c695c028330151d7229ec46992f0dff33ea93b4dfc1d568761e513

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 14:04:24 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5180

GET
H/1.1 200
OK background.png
gemeni-giveaway.com/bonus/img/ 717 KB
717 KB 79ms
61ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/background.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: d4ae63f16af3074de620bf6ce843abe5c47e396c79a203f9f894b4e625ec0318

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 734169

GET
H/1.1 200
OK background2.png
gemeni-giveaway.com/bonus/img/ 711 KB
711 KB 154ms
60ms Image
image/png 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/background2.png
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 2ca325c5dae0c37bce9289835f404b6f8e3b68173d43600e593c8e22e87d9485

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 728097

GET
H/1.1 200
OK btc_icon.svg
gemeni-giveaway.com/bonus/img/ 1 KB
2 KB 155ms
61ms Image
image/svg+xml 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/btc_icon.svg
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 744f12189bb28f29c7e4cc40b1db5f6b4e1ab1a8330c03f7fb1b82bebadc7477

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1381

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 261ms
78ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemeni-giveaway.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 15:21:36 GMT
x-content-type-options: nosniff
age: 547177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 15:21:36 GMT

GET
H/1.1 200
OK check.svg
gemeni-giveaway.com/bonus/img/ 549 B
794 B 60ms
60ms Image
image/svg+xml 54.37.93.153
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gemeni-giveaway.com/bonus/img/check.svg
Requested by: Host: gemeni-giveaway.com
URL: https://gemeni-giveaway.com/bonus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.93.153 , France, ASN16276 (OVH, FR),
Reverse DNS: edval.nanogo.online
Software: Apache /
Resource Hash: 7fb4f39e011ff722578938b999f06d202bf256424154b7d00520b98deb947876

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/bonus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 23:21:13 GMT
Last-Modified: Mon, 07 Nov 2022 13:57:10 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 549

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 272ms
77ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129523657-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Jan 2023 22:21:53 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3561
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 17 Jan 2023 00:21:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
147 B 99ms
98ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=998892196&t=pageview&_s=1&dl=https%3A%2F%2Fgemeni-giveaway.com%2Fbonus%2F&ul=en-us&de=UTF-8&dt=GEMINIBiggest%20giveaway%20CRYPTO%20of%20%24100%20000%20000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1096056812&gjid=268873174&cid=1796680589.1673911274&tid=UA-129523657-8&_gid=46308980.1673911274&_r=1&gtm=2ou1a1&z=239605580

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gemeni-giveaway.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 23:21:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gemeni-giveaway.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 77ms
77ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=998892196&t=timing&_s=2&dl=https%3A%2F%2Fgemeni-giveaway.com%2Fbonus%2F&ul=en-us&de=UTF-8&dt=GEMINIBiggest%20giveaway%20CRYPTO%20of%20%24100%20000%20000&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1420&pdt=120&dns=29&rrt=215&srt=61&tcp=124&dit=818&clt=818&_gst=1092&_gbt=1402&_cst=657&_cbt=1087&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1796680589.1673911274&tid=UA-129523657-8&_gid=46308980.1673911274&gtm=2ou1a1&z=1062568991

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://gemeni-giveaway.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 18:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18823
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gemeni-giveaway.com/	1970-01-20 18:34:31	Name: _ga Value: GA1.2.1796680589.1673911274
.gemeni-giveaway.com/	1970-01-20 08:59:57	Name: _gid Value: GA1.2.46308980.1673911274
.gemeni-giveaway.com/	1970-01-20 08:58:31	Name: _gat_gtag_UA_129523657_8 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
chart.googleapis.com
domil-for.com
fonts.googleapis.com
fonts.gstatic.com
gemeni-giveaway.com
www.google-analytics.com
www.googletagmanager.com
2606:4700::6811:180e
2a00:1450:4001:80f::200a
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::200a
54.37.93.153
54.37.93.159
0e55dc58d1c695c028330151d7229ec46992f0dff33ea93b4dfc1d568761e513
1ff8e2a1a3dcdc6029d50e5999e8f0d8d612494c48bc2f51039404151016a9aa
2ca325c5dae0c37bce9289835f404b6f8e3b68173d43600e593c8e22e87d9485
2cc96ea8077f74ad07b10d08f4cf0e6fdf5d9c2253abec0516fd0fb04b202d16
2fd8fbc8a575cd2c0362625964cf6108431df8732d7a1096c98be255c3e3daec
446b5cc325be53fdd5280ba62b210520e7e8ef1b1fb6c8ab73cd0bcb88c9a1e6
5c264d71b8239604906f09d18e8ae5ce73a8df8967e8d487491be180bf792978
6214534d5290e6187ce58b7fd12abedcd8c9dcf800b4559c5ba0896723fa9953
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713ceef45afe719032fe878e60949ade35452ab73a6704fd9c4f8fe3283424e0
744f12189bb28f29c7e4cc40b1db5f6b4e1ab1a8330c03f7fb1b82bebadc7477
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
7fb4f39e011ff722578938b999f06d202bf256424154b7d00520b98deb947876
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b84196f37d3748bed9b44ff942d7b5f078fa48515ada8945a8126319092b416
8c0a5a45f2fd614b25f96f1bbee1bd110f0f0f8d97d736758a9f48b8f4f2c9b8
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
a44787f8ed5d3c14c78bb44163ddbba621567a2897396246e7f5056c84e7acdc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd38ee1b1bd999c41c9abc88948ca65857a2e14bcffbf3cf025077e41ef2e8aa
bed73c64518fd7e68e5a2d9da4295c4aa51b0a8f850d73a7eaa3d0ef2b3ba8fb
c7b8a3c66c90f139e1a2e1412c4fb148efe3f7ccd77bd6189ed5233a5838e1fc
cb97f703ed49328ba957827fa65b7beee5af869418f12f66be2eb32ac8ea01e2
d4ae63f16af3074de620bf6ce843abe5c47e396c79a203f9f894b4e625ec0318
f46d06a1b2ee99fcabc58eb0147be470f6b4abf57ab02cfba27afdb8291d6344
fdab4588da6eca28a4c5c21a157d0b68f152eb9b992534d15cf754856c0daa11
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

gemeni-giveaway.com Open in urlscan Pro 54.37.93.153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

7 IPs

4 Countries

1923 kBTransfer

2080 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gemeni-giveaway.com Open in urlscan Pro
54.37.93.153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

1923 kB
Transfer

2080 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!