gemini-airdrops.com - urlscan.io

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is gemini-airdrops.com.
TLS certificate: Issued by GTS CA 1P5 on January 8th 2024. Valid for: 3 months.

This is the only time gemini-airdrops.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:237... 2600:9000:237d:de00:15:a17c:2c40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	1

1 2600:9000:237d:de00:15:a17c:2c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

t.rdsv1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

gemini-airdrops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gemini-airdrops.com gemini-airdrops.com	9 KB
1	rdsv1.net 1 redirects t.rdsv1.net — Cisco Umbrella Rank: 422456	325 B
3	2

	Domain	Requested by
3	gemini-airdrops.com	gemini-airdrops.com
1	t.rdsv1.net	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
gemini-airdrops.com GTS CA 1P5	`2024-01-08` - `2024-04-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station
Frame ID: 30FF62F29D8A557A0EA2816419CA163A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.rdsv1.net/ls/click?upn=74qjQLnlZOJ17kyhoUBClIjj7QMZj8gDP4Ogg0h-2Fn6C52Dup2X5NEi574DLn-... HTTP 302
https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Page URL
https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Page URL

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

9 kB
Transfer

33 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.rdsv1.net/ls/click?upn=74qjQLnlZOJ17kyhoUBClIjj7QMZj8gDP4Ogg0h-2Fn6C52Dup2X5NEi574DLn-2FGfXB7nlu5q8vbeOO6pxugKWLVoOFxNXlxUsuOQePZUuJ1hO0aI3Xcm0cSrr57LyB7HuyEyEjDOnOMH-2Fm35l6aEsfg-3D-3DzK1F_Wm-2FjzBDMKGITEcf270rXJQobyW4IVAYvMBoN-2BDOjwIQxiinBOiIy1xC7yrg112F6U7YEzyhhdYzrjxrAPIpIZ21-2BeU06IMfiJGKF4B5Yhb7ZGK0Kcd15uiEnSFGM8sFXihjvW1BJfEE0oLsvZwWohFZ2tHkcJgoNgpP5fxbm6XVqL8SZQrrXTVau6RqOyCUlI0aqFsvzVT9mIfMMyF8z6mcdARDQP0iGrCx-2F-2BZz-2FCATxVNvbYjs9Cih3hdiHsI-2BIg9xvPL816MiEeKlbC0Ecqh5y-2BtVwPOloytYgEBrgQsD10rvCJkh9BaaBizLyUjyaO-2BUYKQIaWqcMxnCtzdtRP4vR21YEvofTamkGkvMu-2Ba-2FDOynseWcefrONteon4fd9dvwbd24g-2F26g76wXtNv2QkWuPn84iN-2Fdsn5ZeAkwFj2AjA7azVomVUdoWkG-2FHTB5W3FNsWaDio6qprRuxSrjwz5W9-2BI1hnRE-2Bmk-2FQD7xQB8lypZtyhXZD5-2FZLeg9xK5r60ONw6iM83gVTDAcQ43-2BSnDk3KBrkdH4Vzs9hRbd1TRonHy0oQ-2BRE5-2FDKZNsPaioIf2-2FQWgo0MqJXVfkB4y44eg0kTNFqtCs5keT8u-2Bw2YjwtGVT3q5vu-2FBr8-2BcbiDya HTTP 302
https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Page URL
https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.rdsv1.net/ls/click?upn=74qjQLnlZOJ17kyhoUBClIjj7QMZj8gDP4Ogg0h-2Fn6C52Dup2X5NEi574DLn-2FGfXB7nlu5q8vbeOO6pxugKWLVoOFxNXlxUsuOQePZUuJ1hO0aI3Xcm0cSrr57LyB7HuyEyEjDOnOMH-2Fm35l6aEsfg-3D-3DzK1F_Wm-2FjzBDMKGITEcf270rXJQobyW4IVAYvMBoN-2BDOjwIQxiinBOiIy1xC7yrg112F6U7YEzyhhdYzrjxrAPIpIZ21-2BeU06IMfiJGKF4B5Yhb7ZGK0Kcd15uiEnSFGM8sFXihjvW1BJfEE0oLsvZwWohFZ2tHkcJgoNgpP5fxbm6XVqL8SZQrrXTVau6RqOyCUlI0aqFsvzVT9mIfMMyF8z6mcdARDQP0iGrCx-2F-2BZz-2FCATxVNvbYjs9Cih3hdiHsI-2BIg9xvPL816MiEeKlbC0Ecqh5y-2BtVwPOloytYgEBrgQsD10rvCJkh9BaaBizLyUjyaO-2BUYKQIaWqcMxnCtzdtRP4vR21YEvofTamkGkvMu-2Ba-2FDOynseWcefrONteon4fd9dvwbd24g-2F26g76wXtNv2QkWuPn84iN-2Fdsn5ZeAkwFj2AjA7azVomVUdoWkG-2FHTB5W3FNsWaDio6qprRuxSrjwz5W9-2BI1hnRE-2Bmk-2FQD7xQB8lypZtyhXZD5-2FZLeg9xK5r60ONw6iM83gVTDAcQ43-2BSnDk3KBrkdH4Vzs9hRbd1TRonHy0oQ-2BRE5-2FDKZNsPaioIf2-2FQWgo0MqJXVfkB4y44eg0kTNFqtCs5keT8u-2Bw2YjwtGVT3q5vu-2FBr8-2BcbiDya HTTP 302
https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	/ Show response gemini-airdrops.com/ Redirect Chain https://t.rdsv1.net/ls/click?upn=74qjQLnlZOJ17kyhoUBClIjj7QMZj8gDP4Ogg0h-2Fn6C52Dup2X5NEi574DLn-2FGfXB7nlu5q8vbeOO6pxugKWLVoOFxNXlxUsuOQePZUuJ1hO0aI3Xcm0cSrr57LyB7HuyEyEjDOnOMH-2Fm35l6aEsfg-3D-3DzK... https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station	727 B 870 B	204ms 109ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87d8ee8af9b1e7bc9b78b662f98a3dde95888b159d76b3e49e414819ed039a70` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 845dc4fbba066fb4-CDG content-encoding br content-type text/html date Mon, 15 Jan 2024 11:27:26 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrrK7kxtsRrYA6arxRAHkC5YI%2BGUzF5Xt1eo5rnYlO7h0otS7DzxKar4NSXKH5en%2FhNnCLXojVVZQnBFfoBYfz5GZFXedNHGLchnOqxdm7J4ypqrupTJpOKBONVi52G95n49FbIU"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers content-length 124 content-type text/html; charset=utf-8 date Mon, 15 Jan 2024 11:27:25 GMT location https://gemini-airdrops.com?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station server nginx via 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront) x-amz-cf-id gSgRLhpERdU6_G7p1MZv6l0h41s-E7HDef9DatwTWcM3Cyo--NkRQg== x-amz-cf-pop MUC50-P2 x-cache Miss from cloudfront x-robots-tag noindex, nofollow
GET H2	200	aes.js gemini-airdrops.com/	25 KB 6 KB	116ms 115ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemini-airdrops.com/aes.js Requested by Host: gemini-airdrops.com URL: https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Mon, 15 Jan 2024 11:27:26 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 10 Oct 2023 08:45:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tRrMdnjmEteieaVLmCCYwnfcSFK2bbkP77aROJrt1nW8Re%2BHLlDub5apWgfkT94jDPWw%2B6Z5w8BOS25SY7j0kwrbxhcZ8oJeMivIthP2E9LslKLikoFbOilsTwoHuH3MxdouY34"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 845dc4fc6b066fb4-CDG alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request / Show response gemini-airdrops.com/	7 KB 2 KB	109ms 109ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Requested by Host: gemini-airdrops.com URL: https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bd37c89d7236197c81ce58ca067f2279a50f9eb2ce41a4a5e54deb4e72fef8c` Request headers Referer https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 845dc4fd3be6b94e-AMS content-encoding br content-type text/html; charset=utf-8 date Mon, 15 Jan 2024 11:27:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1aS17DEranDRClVD1c9ZULAB5aeiAG3LdAQecPPUS5xAOmJPUkxkKb%2BnkG2dpnongQ%2FTWkh4L7XEtD3YFwuO9dvdamMLq7eEzsmFwSBPNz1%2FMniRfm5bcbSK76sYejR1Bgni2xa"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onSubmit function| setCookie

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gemini-airdrops.com/	1970-01-21 03:17:58	Name: 0x Value: ebe9caad5a57ca55a20e0d9a484d5108

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gemini-airdrops.com/?utm_campaign=endomarketing&utm_medium=email&utm_source=RD+Station Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gemini-airdrops.com
t.rdsv1.net
188.114.97.3
2600:9000:237d:de00:15:a17c:2c40:93a1
3bd37c89d7236197c81ce58ca067f2279a50f9eb2ce41a4a5e54deb4e72fef8c
87d8ee8af9b1e7bc9b78b662f98a3dde95888b159d76b3e49e414819ed039a70

gemini-airdrops.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

9 kBTransfer

33 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

gemini-airdrops.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

9 kB
Transfer

33 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions