gemticket.com
13.224.196.65
Public Scan
Effective URL: https://gemticket.com/login
Submission: On August 23 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Amazon on July 16th 2021. Valid for: a year.
This is the only time gemticket.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
3 (1 redirect) | 13.224.196.65 | 16509 (AMAZON-02) |
2 | 2606:4700:3037::6815:8fa | 13335 (CLOUDFLARENET) |
2 | 2600:9000:2156:5800:b:8a0a:bb00:21 | 16509 (AMAZON-02) |
1 | 2a04:4e42:3::485 | 54113 (FASTLY) |
7 | 4 | |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-65.fra2.r.cloudfront.net
gemticket.com
ASN16509 (AMAZON-02, US)
d2mo48geehnd2k.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 (1 redirect) | gemticket.com | gemticket.com | 161 KB |
2 | cloudfront.net | d2mo48geehnd2k.cloudfront.net | 15 KB |
2 | rsms.me | rsms.me | 224 KB |
1 | jsdelivr.net | cdn.jsdelivr.net | 9 KB |
7 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
3 (1 redirect) | gemticket.com | gemticket.com |
2 | d2mo48geehnd2k.cloudfront.net | gemticket.com |
2 | rsms.me | gemticket.com, rsms.me |
1 | cdn.jsdelivr.net | gemticket.com |
7 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
gemticket.com | Amazon | 2021-07-16 - 2022-08-14 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-08 - 2022-07-07 | a year |
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-30 - 2022-06-01 | a year |
This page contains 1 frame:
Primary Page:
https://gemticket.com/login
Frame ID: B96A47DC6DEF6798F72E3E606ABB0053
Requests: 7 HTTP requests in this frame
Page Title
Sign in to your account - GemTicket
Detected technologies
Amazon Web Services (PaaS)
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon Cloudfront (CDN)
Detected patterns
- headers via /\(CloudFront\)$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://gemticket.com/ HTTP 302
- https://gemticket.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login (Primary Request) | gemticket.com/ (Redirect Chain) | 7 KB | 9 KB | Document | text/html |
GET | H2 | inter.css | rsms.me/inter/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | app.css | d2mo48geehnd2k.cloudfront.net/aebfb18c-cff4-4f8a-b3e0-1b5e6fad65a6/css/ | 26 KB | 6 KB | Stylesheet | text/css |
GET | H2 | app.js | d2mo48geehnd2k.cloudfront.net/aebfb18c-cff4-4f8a-b3e0-1b5e6fad65a6/js/ | 28 KB | 9 KB | Script | text/javascript |
GET | H2 | alpine.min.js | cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.2/dist/ | 26 KB | 9 KB | Script | application/javascript |
GET | H2 | livewire.js | gemticket.com/livewire/ | 149 KB | 150 KB | Script | application/javascript |
GET | H3-29 | Inter-roman.var.woff2 | rsms.me/inter/font-files/ | 222 KB | 223 KB | Font | font/woff2 |
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- object| Livewire
- object| livewire
- string| livewire_app_url
- string| livewire_token
- function| deferLoadingAlpine
- object| webpackChunk
- object| Alpine
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name |
---|---|---|
gemticket.com/ | | mC9Kwp7xtDzI3WF0TtveCW3uAOx77AKo41hciNWf |
gemticket.com/ | | gemticket_session |
gemticket.com/ | | XSRF-TOKEN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.