exchange.gemini.com Open in urlscan Pro
99.83.200.252 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchange.gemini.com/signin
Submission: On November 01 via api (November 1st 2024, 4:09:09 pm UTC) from RU — Scanned from DE

Summary HTTP 81 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 27 domains to perform 81 HTTP transactions. The main IP is 99.83.200.252, located in United States and belongs to AMAZON-02, US. The main domain is exchange.gemini.com. The Cisco Umbrella rank of the primary domain is 352017.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 16th 2024. Valid for: a year.

This is the only time exchange.gemini.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	99.83.200.252 99.83.200.252	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:266... 2600:9000:266e:2400:1a:e26f:c2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
2	172.64.151.210 172.64.151.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.156.247 18.173.156.247	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:4... 2600:1901:0:40b::	15169 (GOOGLE) (GOOGLE)
1 1	13.32.121.41 13.32.121.41	16509 (AMAZON-02) (AMAZON-02)
7	13.32.99.74 13.32.99.74	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2.18.64.70 2.18.64.70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.14.251 34.120.14.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.67.241.53 34.67.241.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:7... 2600:1901:0:7628::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
81	36

6 99.83.200.252 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a4793faec64193924.awsglobalaccelerator.com

exchange.gemini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:266e:2400:1a:e26f:c2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.gemini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o472445.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.210 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-03.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.156.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-156-247.muc50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:40b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

a.gemini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-41.fra60.r.cloudfront.net

9e5fa68d596e.us-east-1.sdk.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.99.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-74.fra60.r.cloudfront.net

9e5fa68d596e.0421493d.us-east-1.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.64.70 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-70.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.14.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.14.120.34.bc.googleusercontent.com

ls80u4g9b80cdd7t3g8w8097h6585njn.d.sardine.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.67.241.53 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.241.67.34.bc.googleusercontent.com

p.gemini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gemini.com 2 redirects exchange.gemini.com — Cisco Umbrella Rank: 352017 assets.gemini.com — Cisco Umbrella Rank: 740968 a.gemini.com — Cisco Umbrella Rank: 822312 p.gemini.com	2 MB
8	awswaf.com 1 redirects 9e5fa68d596e.us-east-1.sdk.awswaf.com 9e5fa68d596e.0421493d.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 607618	294 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401	1 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 893 tr6.snapchat.com — Cisco Umbrella Rank: 1360	626 B
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 t.clarity.ms — Cisco Umbrella Rank: 6202	29 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	329 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	80 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	463 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2502	1 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	google.de www.google.de — Cisco Umbrella Rank: 11271	127 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	580 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	265 KB
2	braze.com sdk.iad-03.braze.com — Cisco Umbrella Rank: 3464	312 B
2	mixpanel.com api.mixpanel.com — Cisco Umbrella Rank: 1090	433 B
1	sardine.ai ls80u4g9b80cdd7t3g8w8097h6585njn.d.sardine.ai	530 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	395 B
1	t.co t.co — Cisco Umbrella Rank: 859	628 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1089	24 KB
1	sentry.io o472445.ingest.sentry.io	300 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
81	27

	Domain	Requested by
7	9e5fa68d596e.0421493d.us-east-1.token.awswaf.com	assets.gemini.com
6	www.facebook.com
6	www.google.com	1 redirects assets.gemini.com www.googletagmanager.com www.gstatic.com
6	assets.gemini.com	exchange.gemini.com
6	exchange.gemini.com	2 redirects assets.gemini.com
4	tr.snapchat.com	assets.gemini.com sc-static.net
4	a.gemini.com	assets.gemini.com a.gemini.com
4	www.googletagmanager.com	assets.gemini.com www.googletagmanager.com
3	px.ads.linkedin.com	1 redirects assets.gemini.com
3	www.clarity.ms	exchange.gemini.com www.clarity.ms bat.bing.com
3	connect.facebook.net	assets.gemini.com connect.facebook.net
2	t.clarity.ms	assets.gemini.com
2	bat.bing.net	bat.bing.com
2	trkn.us	1 redirects
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	www.google-analytics.com	www.googletagmanager.com assets.gemini.com
2	www.google.de
2	region1.analytics.google.com	assets.gemini.com
2	sdk.iad-03.braze.com	assets.gemini.com
2	api.mixpanel.com	assets.gemini.com
1	tr6.snapchat.com	sc-static.net
1	p.gemini.com
1	ls80u4g9b80cdd7t3g8w8097h6585njn.d.sardine.ai
1	googleads.g.doubleclick.net	1 redirects
1	px4.ads.linkedin.com
1	analytics.twitter.com
1	t.co
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	9e5fa68d596e.us-east-1.sdk.awswaf.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	sc-static.net	assets.gemini.com
1	o472445.ingest.sentry.io	assets.gemini.com
1	fonts.googleapis.com	exchange.gemini.com
81	37

This site contains links to these domains. Also see Links.

Domain
www.gemini.com

Subject Issuer	Validity	Valid
exchange.gemini.com Amazon RSA 2048 M02	`2024-07-16` - `2025-08-14`	a year	crt.sh
assets.gemini.com Amazon RSA 2048 M03	`2024-02-29` - `2025-03-30`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh
iad-03.braze.com E5	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
a.gemini.com WR3	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.googleadservices.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-09-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
d.sardine.ai WR3	`2024-09-30` - `2024-12-29`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
p.gemini.com WR1	`2024-10-02` - `2024-12-31`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.0421493d.us-east-1.token.awswaf.com Amazon RSA 2048 M02	`2024-05-04` - `2025-06-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://exchange.gemini.com/signin
Frame ID: 6CCC711B5AE5A72CAFCB8EF3DB3D688B
Requests: 70 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fexchange.gemini.com
Frame ID: 73C77E760FA3A84BF308419D6BE3FF01
Requests: 1 HTTP requests in this frame

Frame: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf
Frame ID: AD5D05054B0BFAE760953D3F13B3F70C
Requests: 5 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a6f1d525-34a9-431b-889e-1e7495e83eab&u_scsid=fe39aa1c-bb1e-4c3a-9063-c7fc79eb0e8f&u_sclid=c2c79c44-512f-40fd-bc56-d7677555f62b
Frame ID: 7AAF2C70446C14FDA80E767CF4B56C43
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=3omxp897ekn5
Frame ID: DF2FC71E26E456A44A42F5AF2021D188
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=zbhcm6t941b
Frame ID: 0C5A6FA0790AB2162BBD0744F0A043D6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Frame ID: 87542909C7941D8B51BC4B46ADB9F76A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gemini - Sign In

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mixpanel (Analytics) Expand

Overall confidence: 100%
Detected patterns

api\.mixpanel\.com/track

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

81
Requests

91 %
HTTPS

54 %
IPv6

27
Domains

37
Subdomains

36
IPs

4
Countries

3545 kB
Transfer

11766 kB
Size

32
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gemini.com/legal/legal-notice
Title: Legal Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://exchange.gemini.com/js/22.fc269ba4651c2d307cfe.js HTTP 301
https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js

Request Chain 13

https://exchange.gemini.com/js/SignIn.47dffa89d.en-US.json HTTP 301
https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json

Request Chain 22

https://9e5fa68d596e.us-east-1.sdk.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js HTTP 307
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js

Request Chain 40

https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid] HTTP 302
https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=84.19.175.183;cuidchk=1

Request Chain 55

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQJkcs2r1wpqpAAAAZLofKOTiZfSmN7UAka_ZC5v0p3ZyI5InpgYotNwaB9E8FSR830J1o-1YSrPIFF6-DNYgssPI3ufww

Request Chain 56

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=2098205200.1730477335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQIIo8WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hw7PVf6ByGMGUFHj_dqLW0n6ulQTkB0pKpQ&pscrd=IhMIqbTwtsK7iQMVuqqDBx3qrgZmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQldDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklzQUU0NEgwM0d2NEFlbXI1UE95aUNhYlhSWUp6cVZGRUU0em5BaElTNjdBNzFYLW1kRVBPek51bGdWbTA HTTP 302
https://www.google.com/pagead/1p-conversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=2098205200.1730477335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQIIo8WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIqbTwtsK7iQMVuqqDBx3qrgZmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQldDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklzQUU0NEgwM0d2NEFlbXI1UE95aUNhYlhSWUp6cVZGRUU0em5BaElTNjdBNzFYLW1kRVBPek51bGdWbTA&is_vtc=1&cid=CAQSGwCa7L7dV9T_m9IrRJ806OYAJK8LBO04hMBQAw&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hwy1GUUJhbfMgNCPFau9dVyWWspqaKOA1gQ&random=940198736 HTTP 302
https://www.google.de/pagead/1p-conversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=2098205200.1730477335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQIIo8WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIqbTwtsK7iQMVuqqDBx3qrgZmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQldDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklzQUU0NEgwM0d2NEFlbXI1UE95aUNhYlhSWUp6cVZGRUU0em5BaElTNjdBNzFYLW1kRVBPek51bGdWbTA&is_vtc=1&cid=CAQSGwCa7L7dV9T_m9IrRJ806OYAJK8LBO04hMBQAw&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hwy1GUUJhbfMgNCPFau9dVyWWspqaKOA1gQ&random=940198736&ipr=y

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request signin Show response
exchange.gemini.com/ 605 KB
97 KB 365ms
130ms Document
text/html 99.83.200.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.gemini.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.200.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a4793faec64193924.awsglobalaccelerator.com

Software

nginx /

Resource Hash

ad94a4b7d9d16d0a2d81fb05b08d856df3dacb2fa63c19ceee941520f5e2aff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Nov 2024 16:08:53 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains; preload;
vary: Accept-Encoding Accept, Refresh-Only,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-include-csp: recaptcha.contentSecurityPolicy
x-xss-protection: 1; mode=block

GET
H2 200 0.31380fff1e204a7183df.css
assets.gemini.com/builds-2/web/main/ 35 KB
7 KB 94ms
33ms Stylesheet
text/css 2600:9000:266e:2400:1a:e26f:c2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gemini.com/builds-2/web/main/0.31380fff1e204a7183df.css
Requested by: Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:2400:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ca0e5699402ed70650d6d4a77eb296e9f31cdf231d2cc55dc9a1f0595e3a2c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

vary: accept-encoding
content-encoding: gzip
x-amz-version-id: YFWA8.RpSR3lkKqm6.jcrzBDyCy_88kg
etag: W/"79640388c18f0c988ca1f928fe1ff6e1"
age: 7
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
x-amz-meta-md5chksum: eWQDiMGPDJiMofko/h/24Q==
x-cache: Hit from cloudfront
x-amz-cf-id: t3Lxhy9pBnJFBCudYMbTYZhCEtfHs0ndFf8DZEip3XNd8D4j2DstBA==
date: Fri, 01 Nov 2024 16:08:47 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 22:23:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 87ms
35ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap

Requested by

Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d492c26a987889bfe41bb483657a1d888c7ed54c36c39593709f75bbae6aa2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 16:08:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:53 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:00:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 runtime.d19d2534d7df2deaedff.js Show response
assets.gemini.com/builds-2/web/main/ 3 KB
2 KB 29ms
28ms Script
application/javascript 2600:9000:266e:2400:1a:e26f:c2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gemini.com/builds-2/web/main/runtime.d19d2534d7df2deaedff.js
Requested by: Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:2400:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec14ac5808a66b1505af674f9f6e5e9b1181c249941fb3a6715a1024a1b28286

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

vary: accept-encoding
content-encoding: gzip
x-amz-version-id: 1Ad3ya9YAeRnrdcWTckis61BafHJB0Va
etag: W/"229b2bad01b40607c6aef61ede91ed0b"
age: 7
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
x-amz-meta-md5chksum: IpsrrQG0BgfGrvYe3pHtCw==
x-cache: Hit from cloudfront
x-amz-cf-id: MAKeIjoGv3PHaI_p5HebgsfX1P7yB5JZ1o0JL1XSxFfV3Z8xm62TNQ==
date: Fri, 01 Nov 2024 16:08:47 GMT
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 23:19:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

GET
H2 200 0.9dbbdd1a15781afdc821.js Show response
assets.gemini.com/builds-2/web/main/ 7 MB
2 MB 35ms
34ms Script
application/javascript 2600:9000:266e:2400:1a:e26f:c2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Requested by: Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:2400:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03c79674b7d763fcde518d828381358a1b89e16e72442c166ead858a710bb7c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

vary: accept-encoding
content-encoding: gzip
x-amz-version-id: qAXUIFdfXCeF2kS.f0qzBUXWvSGbRL.N
etag: W/"55fd92dffc2a9109815b41575f712cf8"
age: 7
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
x-amz-meta-md5chksum: Vf2S3/wqkQmBW0FXX3Es+A==
x-cache: Hit from cloudfront
x-amz-cf-id: PrhTuY1VcIVEhlNSfHGQQy_lU0_QaOXSrvLmwgcGTn8PnSPsKyxR8w==
date: Fri, 01 Nov 2024 16:08:47 GMT
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 22:43:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

GET
H2 200 92.f7c065c25eb088973c3f.js Show response
assets.gemini.com/builds-2/web/main/ 24 KB
9 KB 36ms
35ms Script
application/javascript 2600:9000:266e:2400:1a:e26f:c2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gemini.com/builds-2/web/main/92.f7c065c25eb088973c3f.js
Requested by: Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:2400:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76fad79184fcfdb8d2307d6b10afe1a5b3f9ac88937c0f05edfbf05633b3176f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

vary: accept-encoding
content-encoding: gzip
x-amz-version-id: Gw2nZZHXEQ6.DyjIIVH_Vf58Ia.HABZo
etag: W/"26f7e9bbd6cf1c837b2043f776377f9f"
age: 7
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
x-amz-meta-md5chksum: Jvfpu9bPHIN7IEP3djd/nw==
x-cache: Hit from cloudfront
x-amz-cf-id: LEKGuGWXu68m9qfUqKxOXU9kf3g5xBgy-kbnELRMIoodo9Xf_3Rg7w==
date: Fri, 01 Nov 2024 16:08:47 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 14:32:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

POST
H2 200 / Show response
o472445.ingest.sentry.io/api/4506225612554240/envelope/ 2 B
300 B 76ms
27ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o472445.ingest.sentry.io/api/4506225612554240/envelope/?sentry_key=79790a4fb03f0991e0dd94149d81e2c8&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.119.0

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 / Show response
api.mixpanel.com/decide/ 65 B
315 B 86ms
35ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=d63e727b7647b63c44007c4c8876cb81&ip=0&_=1730477334482
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 159.240.178.107.bc.googleusercontent.com
Software: gunicorn /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

access-control-max-age: 1728000
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https://exchange.gemini.com
alt-svc: clear
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/json
server: gunicorn
access-control-allow-headers: X-Requested-With

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
118 B 184ms
136ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTGludXgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tL3NpZ25pbiIsIiRicm93c2VyX3ZlcnNpb24iOiAxMzAsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yMi40IiwiZGlzdGluY3RfaWQiOiAiMTkyZTg3YzlmY2Y1YWQtMDk3ZWI4ODNlMGI5ZDQtMTc0NjJjNmUtMWQ0YzAwLTE5MmU4N2M5ZmQwMTQ0NiIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogImh0dHBzOi8vZXhjaGFuZ2UuZ2VtaW5pLmNvbS9zaWduaW4iLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIkxpbnV4IiwidG9rZW4iOiAiZDYzZTcyN2I3NjQ3YjYzYzQ0MDA3YzRjODg3NmNiODEifX0%3D&ip=0&_=1730477334484

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=604800; includeSubDomains
access-control-max-age: 1728000
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https://exchange.gemini.com
alt-svc: clear
content-length: 1
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/json
access-control-allow-headers: X-Requested-With

GET
H2

200

22.fc269ba4651c2d307cfe.js Show response
assets.gemini.com/builds-2/web/main/
Redirect Chain

https://exchange.gemini.com/js/22.fc269ba4651c2d307cfe.js
https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js

9 KB
3 KB

30ms
30ms

Script
application/javascript

2600:9000:266e:2400:1a:e26f:c2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js
Requested by: Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol: H2
Server: 2600:9000:266e:2400:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70b869c2cf6c1e243f3372a07660ccdd90bf0ee5397b983a604b0a314ac4e765

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: 7ukG_J24vIkivUjn54.RBagILedFH9mj
etag: W/"01b11f2c50596c70e2d3d0f879696bde"
age: 35
via: 1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
x-amz-meta-md5chksum: AbEfLFBZbHDi09D4eWlr3g==
x-cache: Hit from cloudfront
x-amz-cf-id: XcCwc0IWfPCpF1W8c2S2D9NiTOncfSAn1kYS0plgJU8g6BjW6QEjkA==
date: Fri, 01 Nov 2024 16:08:47 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 19:47:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload;
location: https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-length: 0
date: Fri, 01 Nov 2024 16:08:54 GMT
x-xss-protection: 1; mode=block
vary: Origin
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 locate Show response
exchange.gemini.com/ 16 B
359 B 121ms
117ms XHR
application/json 99.83.200.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.gemini.com/locate

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.200.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a4793faec64193924.awsglobalaccelerator.com

Software

nginx /

Resource Hash

a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.gemini.com/signin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Csrf-Token: nocheck

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload;
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Tue, 03 Jul 2001 06:00:00 GMT
content-length: 16
date: Fri, 01 Nov 2024 16:08:54 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Origin
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 locate Show response
exchange.gemini.com/ 16 B
138 B 249ms
127ms XHR
application/json 99.83.200.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.gemini.com/locate
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4793faec64193924.awsglobalaccelerator.com
Software: istio-envoy /
Resource Hash: 4c301d0d2e88acf6184fae04e18c3fe2f6b494d4fd7ee8ba5c6b0ed2b6e5659c

Request headers

Referer: https://exchange.gemini.com/signin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Csrf-Token: nocheck

Response headers

content-length: 16
date: Fri, 01 Nov 2024 16:08:54 GMT
x-envoy-upstream-service-time: 2
content-type: application/json
vary: Origin
server: istio-envoy

POST
H2 201 / Show response
sdk.iad-03.braze.com/api/v3/data/ 23 B
312 B 168ms
163ms XHR
application/json 172.64.151.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.210 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dee95a6ccd31ae0fcf82a88a1eed4130fd54f393f8e82aaa9d4461e0a37a94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://exchange.gemini.com/
X-Requested-With: XMLHttpRequest
X-Braze-TriggersRequest: true
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Api-Key: f7c7991a-0419-4e08-acae-40e64d232a89
X-Braze-DataRequest: true

Response headers

access-control-max-age: 7200
x-request-id: 6995225d-892c-46ff-9c53-df566f4cc23d
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"7dee95a6ccd31ae0fcf82a88a1eed413"
access-control-allow-methods: POST, GET
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/json
vary: Origin,Accept-Encoding
x-runtime: 0.020985
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1730477337
cf-ray: 8dbd256ed961e51f-TXL
x-ratelimit-remaining: 494.0
access-control-allow-origin: *
x-ratelimit-limit: 500.0
server: cloudflare

OPTIONS
H2 200 /
sdk.iad-03.braze.com/api/v3/data/ Frame 0
0 213ms
139ms Preflight 172.64.151.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-03.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.210 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://exchange.gemini.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 8dbd256dfd64e51f-TXL
content-encoding: gzip
date: Fri, 01 Nov 2024 16:08:54 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2

200

SignIn.47dffa89d.en-US.json Show response
assets.gemini.com/builds-2/web/main/
Redirect Chain

https://exchange.gemini.com/js/SignIn.47dffa89d.en-US.json
https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json

121 KB
31 KB

91ms
33ms

XHR
application/json

2600:9000:266e:2400:1a:e26f:c2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json
Protocol: H2
Server: 2600:9000:266e:2400:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72a12767c6b54eda8a896127a923a20087bc8ab1bd5afd60dbe2e0cea916cb57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: nGPS2VqfLp4YNeuPnsck4rG8YrUMv0Qu
etag: W/"752b6068c018cd3b431b8d06a40e8b96"
age: 59
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: iEZEHQecYmx8yZBtU6vGWWYW5DfV39IAkdCjJHRzBoPI4XrnVZ2HcQ==
date: Fri, 01 Nov 2024 16:08:47 GMT
content-type: application/json
vary: accept-encoding
last-modified: Fri, 01 Nov 2024 14:35:14 GMT
access-control-allow-credentials: true
via: 1.1 04d30d89cfeb7f513dc1f5b2d3c605d2.cloudfront.net (CloudFront)
x-amz-meta-md5chksum: dStgaMAYzTtDG40GpA6Llg==
access-control-allow-origin: https://exchange.gemini.com
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload;
location: https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-length: 0
date: Fri, 01 Nov 2024 16:08:54 GMT
x-xss-protection: 1; mode=block
vary: Origin
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 favicon.png
exchange.gemini.com/assets/images/ 6 KB
6 KB 120ms
119ms Other
image/png 99.83.200.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.gemini.com/assets/images/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.200.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a4793faec64193924.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d56111fa0dc008b6b7a1c35c5b5db54d787a509a1aa3604c0dcdcaacac2dd2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/signin

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload;
cache-control: public, max-age=3600
etag: "81e52da0a353472b405e9f9bdc49e516d8b8a871"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5748
date: Fri, 01 Nov 2024 16:08:54 GMT
x-xss-protection: 1; mode=block
content-type: image/png
vary: Origin
server: nginx
last-modified: Fri, 01 Jan 2010 00:00:00 GMT
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 431 KB
135 KB 97ms
47ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8GNNSS2GRV

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d0a912d56ab66b4c0c8d99650db24766101054a7a131701c618d90c628a0287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 01 Nov 2024 16:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137040
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 308 KB
104 KB 132ms
130ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee6e467d4d73de151a9ee5eaeab3c73cae53539850ce62d8cdf9756d1a2b579b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 01 Nov 2024 16:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105801
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 200ms
115ms Script
application/javascript 18.173.156.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.156.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-156-247.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6809abca6a41d3fda45b365d00b7683beb23de1a7e14c7b09357a60306ad3bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23688
x-amz-cf-id: 6LHGBPBF-HFsNCmUY4_0nBwFfs5xuAriNc3Vg-xEV9F-FC78Z3PDCA==
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: MUC50-P3
server: CloudFront
access-control-allow-headers: Content-Type

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 48ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ctwZA9mc' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ctwZA9mc' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4454, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: ORrsb+/spvGTQXdDmOyWe/KbpgKUtffc8t8W4MldT+dz0AI2WxlkOCV+o6MgLoqtQ2Lcm+1bStkB6xnPzpFQSA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62068
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 61ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://exchange.gemini.com
Referer: https://fonts.googleapis.com/

Response headers

age: 175730
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:04 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1021 B 88ms
33ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&onload=GoogleRecaptchaLoaded

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f1fdf3d093765e1a568b3953a59154929fc1191db803b896b7cb84734161530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 16:08:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 01 Nov 2024 16:08:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 loader.min.js Show response
a.gemini.com/assets/ 169 KB
58 KB 85ms
23ms Script
text/javascript 2600:1901:0:40b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gemini.com/assets/loader.min.js
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:40b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8a6dbfda9fb522e0fb4d8246700bf7b52878def13224d4b3c8172bb375ef73c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=w72JWA==, md5=eH6JpRmuLXbmaxv8smj3mw==
etag: "787e89a519ae2d76e66b1bfcb268f79b"
age: 177
x-goog-stored-content-encoding: gzip
expires: Fri, 01 Nov 2024 16:35:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 58617
date: Fri, 01 Nov 2024 16:05:57 GMT
last-modified: Wed, 16 Oct 2024 21:16:30 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2fAe3NFQWXz8gXUNa7RcAzP8drlKHtQxEygkmzhJrV1cLSWrGWUlXoSY55psoR_EhUNgkS9ckiLw
cache-control: public, max-age=1800,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729113390845798
content-length: 58617
content-language: en
server: UploadServer

GET
H2

200

challenge.js Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/
Redirect Chain

https://9e5fa68d596e.us-east-1.sdk.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js

1 MB
288 KB

536ms
479ms

Script
text/javascript

13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
Protocol: H2
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: 07acd3193488441daae3669e8cae2901fb8066ee8749e9f84a81d4eb95098274

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: private, max-age=86400, stale-while-revalidate=604800
content-encoding: gzip
pragma: no-cache
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd17-2c87d36346c066b03bd72dab
x-cache: Miss from cloudfront
x-amz-cf-id: xwFbJC3WRWHTMbuquBogYRwJ50INtoe5ssvjBe6rfFtEpycV1CIVRA==
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: text/javascript
last-modified: Fri, 1 Nov 2024 16:08:55 +0000
vary: accept-encoding
x-amz-cf-pop: FRA60-P3

Redirect headers

access-control-max-age: 86400
cache-control: max-age=86400
location: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
access-control-allow-methods: *
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 0
x-amz-cf-id: Jj6Kvo5FGuqP1vjRcJgt4FPUVAEdpzqIf50vbMG8yAaigkaiojpvaQ==
date: Fri, 01 Nov 2024 16:08:54 GMT
x-amz-cf-pop: FRA60-P1
server: CloudFront
access-control-allow-headers: *

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 94ms
38ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8GNNSS2GRV&gtm=45je4au0v9105748813za200&_p=1730477334748&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1227952725.1730477335&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1730477334&sct=1&seg=0&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&dt=Gemini%20-%20Sign%20In&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&tfd=1706
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://exchange.gemini.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 95ms
31ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8GNNSS2GRV&cid=1227952725.1730477335&gtm=45je4au0v9105748813za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8GNNSS2GRV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://exchange.gemini.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 91ms
59ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8GNNSS2GRV&cid=1227952725.1730477335&gtm=45je4au0v9105748813za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&tag_exp=101533422~101823848~101878899~101878944~101925629&z=467527997

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 01 Nov 2024 16:08:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 330632917740535 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/330632917740535?v=2.9.175&r=stable&domain=exchange.gemini.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b467f3a164c254d24d1fb6da0322345eeff37aadd9a8386024864d959f073db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-KshGN2hJ' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KshGN2hJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=77, mss=1232, tbw=70835, tp=67, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: pJRdG/jR+OsSyt7XHzFNJIga3HqD5ZPQU/lvXe2OMZ6vN8vhjnv2jNuQ9jydq/xiNws0kDay0G1jp5mQ/esfyA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13488
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&onload=GoogleRecaptchaLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://exchange.gemini.com
Referer: https://exchange.gemini.com/

Response headers

content-encoding: gzip
age: 55317
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 00:46:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 00:46:58 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 74ms
24ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477335039&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12316&fbp=fb.1.1730477335038.719982832268086771&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477335003&coo=false&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2923, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
864 B 356ms
307ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477335039&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12316&fbp=fb.1.1730477335038.719982832268086771&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477335003&coo=false&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432343560568221299"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: kyRhsIeUb1TcAE8mlXNGiwudQr3P7hc01MQq/W8naMubfsZzT63XwZ0N3r8nslhFfhhHy1bb/NvsHTGXTJpThw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432343560568221299", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=15, mss=1328, tbw=7601, tp=-1, tpl=-1, uplat=283, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H3 200 collect
www.google.com/ccm/ 0
0 34ms
34ms Ping
text/plain 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&scrsrc=www.googletagmanager.com&frm=0&rnd=174775404.1730477335&auid=2098205200.1730477335&npa=1&gtm=45He4au0v834314644za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&tft=1730477335058&tfd=1782&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 90ms
21ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: gzip
age: 2560
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 17:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 137ms
31ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: max-age=71311
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Fri, 01 Nov 2024 16:08:55 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 114ms
33ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Fri, 01 Nov 2024 16:08:55 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 00:10:26 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000084-IAD, cache-fra-etou8220156-FRA
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 130ms
45ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55678264B2F342469BE68481BEAAA033 Ref B: FRA31EDGE0710 Ref C: 2024-11-01T16:08:55Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 01 Nov 2024 16:08:54 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 258 KB
91 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-538501539&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36a5b4ce746faa9eac19c4125a261eac31eec893d75fae81ec22d1c846ebcc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 01 Nov 2024 16:08:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92876
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 3006003839611824 Show response
connect.facebook.net/signals/config/ 36 KB
6 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3006003839611824?v=2.9.175&r=stable&domain=exchange.gemini.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C195%2C197%2C122%2C145%2C151%2C129%2C232%2C116%2C127%2C146%2C173%2C159%2C118%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9306baf39c8201f31f3006efe34370ea33ad5d0833d7acd9dee3fc2a258f9c33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-vuvLSVdj' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vuvLSVdj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=89, mss=1232, tbw=85443, tp=82, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: SzBqT1MvlmmS74kM4zC64E4/L4vj9UunhCnvj63LmTbpnn9MOm3/5AsJOGlkCJ6mUxllwQ6ED2Vobuk6aDSTOA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 6173
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 k85y0ypapn Show response
www.clarity.ms/tag/ 553 B
810 B 279ms
190ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/k85y0ypapn
Requested by: Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9fce37bebc154ea333ebd72fb94845604b20b32a50ea4e84946eb0e8ab70ccf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/x-javascript
x-azure-ref: 20241101T160855Z-166dfbc8549b925l5v2g6nvzb40000000bk0000000006qzn

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 35ms
26ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477335067&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1730477335038.719982832268086771&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477335003&coo=false&tm=1&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2923, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 213ms
212ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477335067&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1730477335038.719982832268086771&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477335003&coo=false&tm=1&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432343561482721788"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432343561482721788", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 3uxP3sVgFcyYjSnVxejXgD9gyhJ7t4FefoYNDbWMScmrlyntUdydvXkdmSjI3TK7vdVexckHCSsEdE5TXQnOxg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=15, mss=1328, tbw=3503, tp=-1, tpl=-1, uplat=191, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1

200
OK

ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=84.19.175.183;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid]
https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=84.19.175.183;cuidchk=1

42 B
721 B

35ms
35ms

Image
image/gif

2.18.64.70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=84.19.175.183;cuidchk=1

Protocol

HTTP/1.1

Server

2.18.64.70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-70.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma: no-cache
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sun, 9 Nov 1980 12:58:00 GMT
Content-Length: 42
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Fri, 01 Nov 2024 16:08:55 GMT
Content-Type: image/gif

Redirect headers

Location: /pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=84.19.175.183;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 0
Date: Fri, 01 Nov 2024 16:08:55 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Content-Type-Options: nosniff

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 73C7 0
0 77ms
22ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fexchange.gemini.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 174462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 15:41:13 GMT
expires: Thu, 30 Oct 2025 15:41:13 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 collector.min.0c114cf.html Show response
a.gemini.com/assets/ Frame AD5D 263 B
463 B 54ms
53ms Document
text/html 2600:1901:0:40b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf
Requested by: Host: a.gemini.com
URL: https://a.gemini.com/assets/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:40b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bf6570a72929f0df02233a09eb6317c147d04493b2a0a90d67dfff8a7ca0bbc2

Request headers

Referer: https://exchange.gemini.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
age: 148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1800,no-transform
content-encoding: gzip
content-language: en
content-length: 209
content-type: text/html
date: Fri, 01 Nov 2024 16:06:27 GMT
etag: "2b24bfcf8807ac9d93facb4d82860e7b"
expires: Fri, 01 Nov 2024 16:36:27 GMT
last-modified: Wed, 16 Oct 2024 21:16:30 GMT
server: UploadServer
x-goog-generation: 1729113390740199
x-goog-hash: crc32c=5gn5bw== md5=KyS/z4gHrJ2T+stNgoYOew==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 209
x-guploader-uploadid: AHmUCY017CMgLl6YfZH8KH3xzbJn6ntKKBWN5Bt-72XPKPpEebdwj9BrNG0SEMDsRaYrotCrsVZyxzzi3Q

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 33ms
25ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3006003839611824&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&rl=&if=false&ts=1730477335134&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730477335038.719982832268086771&ler=empty&cdl=API_unavailable&it=1730477335003&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=15, mss=1328, tbw=3356, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1018 B 181ms
174ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3006003839611824&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&rl=&if=false&ts=1730477335134&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730477335038.719982832268086771&ler=empty&cdl=API_unavailable&it=1730477335003&coo=false&tm=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432343560686169898"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432343560686169898", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: rR6b4GBaI9DSatlaaAev7hLDVSDlxN3XfFwtdU5m2TsHKRcUc12rUGktFF4mq1CUyj2P+oyTWf/mV7nO4t6gUw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=15, mss=1328, tbw=6561, tp=-1, tpl=-1, uplat=154, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 a6f1d525-34a9-431b-889e-1e7495e83eab.json Show response
tr.snapchat.com/config/com/ 117 B
403 B 203ms
129ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/a6f1d525-34a9-431b-889e-1e7495e83eab.json?v=3.33.2-2411010127

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 94
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://exchange.gemini.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 7AAF 0
0 109ms
38ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a6f1d525-34a9-431b-889e-1e7495e83eab&u_scsid=fe39aa1c-bb1e-4c3a-9063-c7fc79eb0e8f&u_sclid=c2c79c44-512f-40fd-bc56-d7677555f62b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://exchange.gemini.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 01 Nov 2024 16:08:55 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 4

GET
H3 200 collector.min.0c114cf.js Show response
a.gemini.com/assets/ Frame AD5D 214 KB
75 KB 29ms
26ms Script
text/javascript 2600:1901:0:40b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gemini.com/assets/collector.min.0c114cf.js
Requested by: Host: a.gemini.com
URL: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:40b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dd6ae70973cd81b76f9ff7e134fe379eba834709ce3fef50355a2ef11e9c0e32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://a.gemini.com
Referer: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=vxftqw==, md5=kx5I8kr7uLp3CpJw3eC+JA==
etag: "931e48f24afbb8ba770a9270dde0be24"
age: 530
x-goog-stored-content-encoding: gzip
expires: Fri, 01 Nov 2024 16:30:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 76543
date: Fri, 01 Nov 2024 16:00:05 GMT
last-modified: Wed, 16 Oct 2024 21:16:30 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2WuaP1vK-pDcgifw0s04H1ue89mGavVbr46JODNGMj2_HmjtpsEAFUZahWMxSBhqsWE3w
cache-control: public, max-age=1800,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729113390831798
content-length: 76543
content-language: en
server: UploadServer

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
423 B 30ms
29ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1425219210&t=pageview&_s=1&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&ul=de-de&de=UTF-8&dt=Gemini%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1240729538&gjid=418707468&cid=1227952725.1730477335&tid=UA-57271391-1&_gid=2096896399.1730477335&_r=1&_slc=1&gtm=45He4au0n81K4R83PJv834314644za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&npa=1&z=49734454

Requested by

Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://exchange.gemini.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:08:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://exchange.gemini.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/538501539/ 5 KB
3 KB 70ms
38ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/538501539/?random=1730477335203&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=2098205200.1730477335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-538501539&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

99c81a8c9b7af7916087446441417cea15a617ca2aa419934bab64f3b4713fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2708
date: Fri, 01 Nov 2024 16:08:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 adsct
t.co/i/ 43 B
628 B 202ms
146ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2624%2624%261600%261200%260%26na&eci=2&event_id=a8d5fbdb-daf1-487e-99ee-89601d22774c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7793b872-ba54-43ec-95c2-0be6db24da6b&tw_document_href=https%3A%2F%2Fexchange.gemini.com%2Fsignin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1doi&type=javascript&version=2.3.31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 3d48eaca7c84062b
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 341c27912a9241c58207d4a7e35a0d622fdddc23cc2570066f8a0065128d72f1
cf-cache-status: DYNAMIC
cf-ray: 8dbd2571aa2c2bbb-FRA
x-response-time: 103
content-length: 43
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 171ms
125ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2624%2624%261600%261200%260%26na&eci=2&event_id=a8d5fbdb-daf1-487e-99ee-89601d22774c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7793b872-ba54-43ec-95c2-0be6db24da6b&tw_document_href=https%3A%2F%2Fexchange.gemini.com%2Fsignin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1doi&type=javascript&version=2.3.31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: fe3da7975a919d6d
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 1a667add0b965e6fc185a079c8dc59d7ed62dc35f473c701489d02902aab34ff
x-response-time: 103
content-length: 43
date: Fri, 01 Nov 2024 16:08:54 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame DF2F 0
0 87ms
47ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=3omxp897ekn5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6l5ZEHi5fWzpN7PdnlMD-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.gemini.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6l5ZEHi5fWzpN7PdnlMD-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 16:08:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 0C5A 0
0 79ms
43ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=zbhcm6t941b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9cfEwEZmmH03g9T0S82HLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.gemini.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9cfEwEZmmH03g9T0S82HLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 16:08:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 183ms
126ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://exchange.gemini.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000625dc26de985fba408b05f00f54c0
x-msedge-ref: Ref A: 5311995785B346079A08642730374B39 Ref B: DUS30EDGE0417 Ref C: 2024-11-01T16:08:55Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYl3CbemF+6QIsF8A9UwA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQJkcs2r1wpqpAAAAZLofKOTiZfSmN7UAka_ZC5v0p3ZyI5InpgYotNwaB9E8FSR...

0
266 B

342ms
276ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQJkcs2r1wpqpAAAAZLofKOTiZfSmN7UAka_ZC5v0p3ZyI5InpgYotNwaB9E8FSR830J1o-1YSrPIFF6-DNYgssPI3ufww
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: ADA93F97FA194C47B7ED8C53D10BD0EA Ref B: DUS30EDGE0814 Ref C: 2024-11-01T16:08:55Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYl3Cbkcdf5nvPvz4tgVw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477335304&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQJkcs2r1wpqpAAAAZLofKOTiZfSmN7UAka_ZC5v0p3ZyI5InpgYotNwaB9E8FSR830J1o-1YSrPIFF6-DNYgssPI3ufww
x-msedge-ref: Ref A: 2201971DAE5D449C82ADCD66CDCC582D Ref B: FRAEDGE1611 Ref C: 2024-11-01T16:08:55Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYl3Cbe2zMuAIyIwycK3A==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Fri, 01 Nov 2024 16:08:54 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/538501539/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=...
https://www.google.com/pagead/1p-conversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=...
https://www.google.de/pagead/1p-conversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=s...

42 B
64 B

37ms
37ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=2098205200.1730477335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQIIo8WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIqbTwtsK7iQMVuqqDBx3qrgZmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQldDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklzQUU0NEgwM0d2NEFlbXI1UE95aUNhYlhSWUp6cVZGRUU0em5BaElTNjdBNzFYLW1kRVBPek51bGdWbTA&is_vtc=1&cid=CAQSGwCa7L7dV9T_m9IrRJ806OYAJK8LBO04hMBQAw&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hwy1GUUJhbfMgNCPFau9dVyWWspqaKOA1gQ&random=940198736&ipr=y

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 01 Nov 2024 16:08:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/538501539/?random=425904368&cv=11&fst=1730477335203&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=2098205200.1730477335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgjVyrECCLnBsQIIscOxAgiKxbECCMLJsQIIo8WxAkosbm90LW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIqbTwtsK7iQMVuqqDBx3qrgZmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQldDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklzQUU0NEgwM0d2NEFlbXI1UE95aUNhYlhSWUp6cVZGRUU0em5BaElTNjdBNzFYLW1kRVBPek51bGdWbTA&is_vtc=1&cid=CAQSGwCa7L7dV9T_m9IrRJ806OYAJK8LBO04hMBQAw&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hwy1GUUJhbfMgNCPFau9dVyWWspqaKOA1gQ&random=940198736&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 01 Nov 2024 16:08:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 56372295.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 45ms
45ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56372295.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8155f571b5c2eae8a09c0abda561da5261ab1b64b5f6c3204cb4e0009ab74c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 205F4790039B4AF49E62D80CD64EF62B Ref B: FRA31EDGE0710 Ref C: 2024-11-01T16:08:55Z
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 bg.png
ls80u4g9b80cdd7t3g8w8097h6585njn.d.sardine.ai/ Frame AD5D 81 B
530 B 260ms
24ms Image
image/png 34.120.14.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ls80u4g9b80cdd7t3g8w8097h6585njn.d.sardine.ai/bg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.14.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 05c362bd48e67b7a442ce2470b259a424596beb8b225401e5cdc627b654f0d06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.gemini.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=RCQxPg==, md5=4qi/VZBiHGUgePaQCHxHow==
etag: "e2a8bf5590621c652078f690087c47a3"
age: 1450
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 81
date: Fri, 01 Nov 2024 15:44:45 GMT
last-modified: Sat, 11 Nov 2023 15:03:59 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY2-kcA52by0KKt4cm7kqVjXIoTgkrmq2oP_Oh-vWnHUdpHChUREf-5p1vv0_52cOktOojeuNuX2TA
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1699715039510755
content-length: 81
server: UploadServer

POST
H3 200 p
tr.snapchat.com/ 0
15 B 64ms
37ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://exchange.gemini.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
server: API Gateway

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 48ms
46ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/k85y0ypapn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

x-azure-ref: 20241101T160855Z-166dfbc8549b925l5v2g6nvzb40000000bk0000000006r01
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 5a160b8c-e01e-0003-7e4f-28cfbf000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 01:20:43 GMT

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 191ms
115ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=56372295&tm=gtm002&Ver=2&mid=354d5040-877d-48d1-9af4-8c3cb597d741&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72E9E8AFFD0B4E6EAD23BDBA9B270FD5 Ref B: FRAEDGE1821 Ref C: 2024-11-01T16:08:55Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 16:08:55 GMT

GET
H2 200 56372295 Show response
www.clarity.ms/tag/uet/ 743 B
998 B 266ms
265ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56372295?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56372295.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: edbf5a1264ee6a4b7c07df691c4a97999722cc44aa3654465446832b1e72cf42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 743
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/x-javascript
x-azure-ref: 20241101T160855Z-166dfbc8549b925l5v2g6nvzb40000000bk0000000006r02

GET
H2 204 0
bat.bing.net/action/ 0
344 B 189ms
114ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=56372295&tm=gtm002&Ver=2&mid=354d5040-877d-48d1-9af4-8c3cb597d741&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Gemini%20-%20Sign%20In&p=https%3A%2F%2Fexchange.gemini.com%2Fsignin&r=&lt=1386&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=936725
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 12D1313BE4484530939E28BF93CF3B53 Ref B: FRAEDGE1821 Ref C: 2024-11-01T16:08:55Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 16:08:55 GMT

GET
H2 200 b.png
p.gemini.com/v1/ Frame AD5D 68 B
292 B 399ms
132ms Image
image/png 34.67.241.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.gemini.com/v1/b.png?sessionKey=67b7f6e0-5a22-46a6-a5aa-a72cc88a2eff&clientId=87271e93-ae9b-4ed1-b98b-0ef903f22353&flow=%2Fsignin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.67.241.53 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.241.67.34.bc.googleusercontent.com
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.gemini.com/

Response headers

x-request-id: 4c0c10d1-4cde-4cd5-81b7-a680f3cf51c4
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 UTC
x-version-id: 1a292c7
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: image/png
x-accel-expires: 0

POST
H3 200 events Show response
a.gemini.com/v1/ Frame AD5D 527 B
547 B 192ms
180ms XHR
application/json 2600:1901:0:40b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gemini.com/v1/events
Requested by: Host: a.gemini.com
URL: https://a.gemini.com/assets/collector.min.0c114cf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:40b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 6cea04dbd33a2714792c9530b54c6a8fed030f3c0e002278fd3e15795be68fb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf

Response headers

x-request-id: 2175f39f464909bcc21d3ca698102169
access-control-allow-methods: POST, GET, OPTIONS
via: 1.1 google
access-control-allow-origin: https://docs.sardine.ai
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 527
x-version-id: 7bea909
date: Fri, 01 Nov 2024 16:08:55 GMT
content-type: application/json
vary: Origin
access-control-allow-headers: Origin, Content-Type, Accept, Authorization

POST
H2 200 p
tr6.snapchat.com/ 0
193 B 126ms
50ms Ping
text/plain 2600:1901:0:7628::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
x-envoy-upstream-service-time: 17
server: API Gateway

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
283 B 400ms
142ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://exchange.gemini.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://exchange.gemini.com
Date: Fri, 01 Nov 2024 16:08:55 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H3 200 p
tr.snapchat.com/ 0
15 B 35ms
33ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://exchange.gemini.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 01 Nov 2024 16:08:55 GMT
server: API Gateway

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 8754 0
0 32ms
32ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZA6AJa7BmsFz2z510rySBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange.gemini.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZA6AJa7BmsFz2z510rySBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 16:08:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 180ms
179ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exchange.gemini.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 91A29DE83A3C4899BAFE61F422EF7989 Ref B: FRAEDGE1611 Ref C: 2024-11-01T16:08:55Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYl3CbnFpm2KGeX1PxhUw==
x-li-proto: http/2
access-control-allow-origin: https://exchange.gemini.com
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 16:08:55 GMT
vary: Origin

POST
H3 200 verify Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 324 B
671 B 352ms
307ms Fetch
application/json 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/verify
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: 218fb47947026b4be9bd40be2004b0e5483558f84ada88c3ba741dfb637df25f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

x-amz-cf-id: B_u-PY0ekXhgHBZlH63QA7vyY9ySmhIde1PpMr5hYkcfP2ddya2HYw==
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: OPTIONS,GET,POST
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd18-688a1db54396ab9f3734da04
content-length: 324
access-control-allow-origin: *
date: Fri, 01 Nov 2024 16:08:56 GMT
content-type: application/json
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA60-P3

POST
H3 200 telemetry Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 892 B
1 KB 300ms
298ms Fetch
application/json 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: dae85d56c9c6ca297775fde67237a9da3a94841d716597634ef7b679974f9751

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

x-amz-cf-id: -SCJX_ZVxioUYzFQANg2qdmvmhOYNtGnflwd7hJMxw18cT7CJb949Q==
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: OPTIONS,GET,POST
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd18-41d851df64018c1d61913ef5
content-length: 892
access-control-allow-origin: *
date: Fri, 01 Nov 2024 16:08:56 GMT
content-type: application/json
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA60-P3

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
283 B 117ms
116ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://exchange.gemini.com/

Response headers

Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin: https://exchange.gemini.com
Date: Fri, 01 Nov 2024 16:08:56 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H3 200 telemetry Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 980 B
1 KB 301ms
301ms Fetch
application/json 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: 7a05ddd82d9785009448887b7ab32ba57b39fce9e5180ff9d6040c06acb2f4f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

x-amz-cf-id: 9SlC7jadBsX4diPhaQgYLXiGcY0P_8HsHqmx4YHmmgEsE--72iqs4g==
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: OPTIONS,GET,POST
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd19-2b932e32377300d01e1db8f5
content-length: 980
access-control-allow-origin: *
date: Fri, 01 Nov 2024 16:08:57 GMT
content-type: application/json
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA60-P3

POST
H3 200 telemetry Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 1 KB
1 KB 297ms
295ms Fetch
application/json 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: 4065077070285c2beb1db96d936c6b4f4c74c9ddbf2f4bbb6b644db67a96b18d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: OPTIONS,GET,POST
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd19-356ebff4143573b308d8161a
x-cache: Miss from cloudfront
x-amz-cf-id: CyhYC2O8G2LjnJiTgZngdL-_Pob01Okq0shUu7MC_cI_S8JUw6VqGg==
date: Fri, 01 Nov 2024 16:08:57 GMT
content-type: application/json
vary: accept-encoding
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P3

POST
H3 200 telemetry Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 1 KB
1 KB 299ms
297ms Fetch
application/json 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: c472a0de99bc84cbf7eee31dccc55dc7f606951e9dc8a9ccf1ad3f767975cf11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: OPTIONS,GET,POST
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd1a-4e8f4e8447976834727309e3
x-cache: Miss from cloudfront
x-amz-cf-id: Jnjerd3wulRvVv9Bgv_wnj_J5FLVn26L_YMnYas6cH3Q6eL0AWt8Zw==
date: Fri, 01 Nov 2024 16:08:58 GMT
content-type: application/json
vary: accept-encoding
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P3

POST telemetry
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 0
0

POST
H3 200 report Show response
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 2 B
346 B 299ms
297ms Fetch
application/json 13.32.99.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/report
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-74.fra60.r.cloudfront.net
Software: /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://exchange.gemini.com/

Response headers

x-amz-cf-id: UdgyAQBOHJpfqA-4PNbMmjzemOkvxzW5yNknB7496eBlgJ1sm6rdUg==
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: OPTIONS,GET,POST
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
expires: 0
alt-svc: h3=":443"; ma=86400
x-amzn-waf-challenge-id: Root=1-6724fd1b-2f50b68b3931284e65cf549d
content-length: 2
access-control-allow-origin: *
date: Fri, 01 Nov 2024 16:08:59 GMT
content-type: application/json
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA60-P3

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 29ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8GNNSS2GRV&gtm=45je4au0v9105748813za200&_p=1730477334748&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1227952725.1730477335&ul=de-de&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1730477334&sct=1&seg=0&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&dt=Gemini%20-%20Sign%20In&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6717
Requested by: Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchange.gemini.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://exchange.gemini.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 16:09:00 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9e5fa68d596e.0421493d.us-east-1.token.awswaf.com
URL: https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 00:42:43	Name: X-AB Value: fbf07e0db2f4494e9db10cfd615ef56e
.exchange.gemini.com/	1969-12-31 23:59:59	Name: GEMINI_SESSION2 Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjcxNTY0YTY4MzY3ODFlOGI1NzQxNzUzZGM1YzQwYmMwZmFhODM1YjMtMTczMDQ3NzMzMzU3Mi03YjFiNmI0MzQxZjM0YzM2MDBkYzg4NWMifSwibmJmIjoxNzMwNDc3MzMzLCJpYXQiOjE3MzA0NzczMzN9.GuJDMN_eepPyoaX7jNqWrKvM-1RMpXJgO1mev1zkxtU
.exchange.gemini.com/	1970-01-21 00:41:19	Name: SardineSession Value: sessionKey=67b7f6e0-5a22-46a6-a5aa-a72cc88a2eff&expiry=1730479133584
.exchange.gemini.com/	1970-01-21 10:17:17	Name: AnalyticsId Value: analyticsId=ce067ea8-a587-46e1-bda5-fe43328eeb9d
.gemini.com/	1970-01-21 09:26:53	Name: mp_d63e727b7647b63c44007c4c8876cb81_mixpanel Value: %7B%22distinct_id%22%3A%20%22192e87c9fcf5ad-097eb883e0b9d4-17462c6e-1d4c00-192e87c9fd01446%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.gemini.com/	1970-01-21 10:17:17	Name: ab.storage.userId.f7c7991a-0419-4e08-acae-40e64d232a89 Value: %7B%22g%22%3A%22logged_out_user%22%2C%22c%22%3A1730477334486%2C%22l%22%3A1730477334487%7D
.gemini.com/	1970-01-21 10:17:17	Name: ab.storage.deviceId.f7c7991a-0419-4e08-acae-40e64d232a89 Value: %7B%22g%22%3A%22ace2e02b-8ba8-2918-d3ad-e9e94a2f5024%22%2C%22c%22%3A1730477334488%2C%22l%22%3A1730477334488%7D
.gemini.com/	1970-01-21 10:17:17	Name: ab.storage.sessionId.f7c7991a-0419-4e08-acae-40e64d232a89 Value: %7B%22g%22%3A%22e77f353c-64a4-cc28-126c-ad23ab30c9bb%22%2C%22e%22%3A1730479134498%2C%22c%22%3A1730477334487%2C%22l%22%3A1730477334498%7D
exchange.gemini.com/	1970-01-21 10:17:17	Name: lang Value: en-US
.exchange.gemini.com/	1969-12-31 23:59:59	Name: cookieSettings Value: {%22hasDismissed%22:false%2C%22allowAnalytics%22:true%2C%22isCcpaEnabled%22:false%2C%22isSuppressed%22:false}
.exchange.gemini.com/	1969-12-31 23:59:59	Name: gtm_consent Value: true
.gemini.com/	1970-01-21 10:17:17	Name: _ga_8GNNSS2GRV Value: GS1.1.1730477334.1.0.1730477334.60.0.0
.gemini.com/	1970-01-21 02:50:53	Name: _fbp Value: fb.1.1730477335038.719982832268086771
.gemini.com/	1970-01-21 02:50:53	Name: _gcl_au Value: 1.1.2098205200.1730477335
.gemini.com/	1970-01-21 10:11:04	Name: _scid Value: KJy9_nhidfD09wCT3GXKQSyheXhtHGqv
.gemini.com/	1970-01-21 10:11:04	Name: _scid_r Value: KJy9_nhidfD09wCT3GXKQSyheXhtHGqv
.gemini.com/	1970-01-21 10:17:17	Name: _ga Value: GA1.2.1227952725.1730477335
.gemini.com/	1970-01-21 00:42:43	Name: _gid Value: GA1.2.2096896399.1730477335
.gemini.com/	1970-01-21 00:41:17	Name: _gat_UA-57271391-1 Value: 1
.trkn.us/	1970-01-21 09:26:53	Name: barometric[cuid] Value: cuid_6724fd17-85b3-4140-b266-74a541c4ee06
.doubleclick.net/	1970-01-21 00:41:18	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-21 10:17:17	Name: personalization_id Value: "v1_YOIvqgWVq3ODsWExJhSqOA=="
.gemini.com/	1970-01-21 00:51:22	Name: _ScCbts Value: %5B%5D
.t.co/	1970-01-21 10:17:17	Name: muc_ads Value: 65637194-0c2e-40a6-b14a-92b3f4541c7b
.t.co/	1970-01-21 00:41:19	Name: __cf_bm Value: CXMt6nEtb209Et2_W4dwJpafR6UxuccS2p5DCQy0hX0-1730477335-1.0.1.1-VX9_NYhnMJHzI7Gwu.llKl0zIrHNf7hAuJdiFRfbyOBASpGGQP7xXWgTHWvo4633NBjkqrFt2GrbwUJcAwmw_w
exchange.gemini.com/	1970-01-21 00:41:18	Name: _dd_s Value: rum=0&expire=1730478234471&lock=8122f741-ef28-4157-a735-9b96fe451ec0
.gemini.com/	1970-01-21 00:41:18	Name: _dd_s Value: rum=0&expire=1730478234471&lock=dcf1e504-c421-4aea-a261-9a9b89df9545
.linkedin.com/	1970-01-21 09:26:53	Name: bcookie Value: "v=2&9badf2e9-0564-4687-8313-ffb720b8fbc7"
.linkedin.com/	1970-01-21 05:00:29	Name: li_gc Value: MTswOzE3MzA0NzczMzU7MjswMjGrBE63PqGn8x0qH0cuNLWmPjcnXMrowAOcg7RKhu95nw==
.linkedin.com/	1970-01-21 00:42:43	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3322:u=1:x=1:i=1730477335:t=1730563735:v=2:sig=AQFphwaNovb2ZGBQa3CLEN5aVaYKQfgl"
a.gemini.com/	1970-01-21 09:26:53	Name: _immortal\|deviceToken Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..RR9i7TfhKDfOiyw7.tkHJVzpT2ZIxusRENTkgBanRQzWYVSH5XZQOpekkf2UXYljf2PbJrB3Hj8JDsxra2rYgjs0rcnBxDo1auiKaBu_DLsDceUTY6PBh63BPzYHASsPH1kglRvOOu5Y8oNBbSlUtIHTiCqihvZTA2kgdgHfehYn_bUzl4J7OF0F9Khd8bNc6JPG26Rm4i0ChcQhEStcmjUdPGgGQek_pj8BsLmIafMNWrARPltjhQFzltSKsAMQaVY_6VPfoWhcBhr0FJ7A-KJsR2RUHPVv_p3xGlNvswgvEYxb5bo5VNFV7-N1nM3Vl2I7jouJuGytLEZtyO2e241U.ee_5FFEgpQtuiTrTCG_-Jw
.exchange.gemini.com/	1970-01-21 00:47:02	Name: aws-waf-token Value: 2dbe769d-9658-42e1-a95b-86b21e67d636:EQoAdglwdKq5AAAA:Q8JHCrNaqBHt2gqYJAOsIs6rA95gF1FGvXT4bOEsm1lX4l866yxDMLfjPYv9CdyhO8rdLuFAEmm7vlx90UL7qFk8cSm/HG7nkHJN4NMJ6pQSIFWSq1CzutdWhlrzwjPPv9LUnoK1cRuI2hy2NPQ6O6ef3S4lep5pe3vRB6Zu5mZaRGD7u2TqmbKBnLaj0hkcohBti8+5ek7vlZzxGns1ezrOzdZFrHSz39WUyoAwI+A0nOd17T3fa9DJaBMVQoNkgCqjw7qq6bH3OSekxu2w2nph8pijd05f8pSe+g==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://exchange.gemini.com/signin Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C04501CC370000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9e5fa68d596e.0421493d.us-east-1.token.awswaf.com
9e5fa68d596e.us-east-1.sdk.awswaf.com
a.gemini.com
analytics.twitter.com
api.mixpanel.com
assets.gemini.com
bat.bing.com
bat.bing.net
connect.facebook.net
exchange.gemini.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ls80u4g9b80cdd7t3g8w8097h6585njn.d.sardine.ai
o472445.ingest.sentry.io
p.gemini.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sc-static.net
sdk.iad-03.braze.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.clarity.ms
t.co
tr.snapchat.com
tr6.snapchat.com
trkn.us
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com
104.244.42.131
107.178.240.159
13.107.42.14
13.32.121.41
13.32.99.74
142.250.186.98
146.75.120.157
162.159.140.229
172.64.151.210
18.173.156.247
2.18.64.70
20.114.189.70
2001:4860:4802:32::178
2001:4860:4802:34::36
2600:1901:0:40b::
2600:1901:0:7628::
2600:9000:266e:2400:1a:e26f:c2c0:93a1
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:33::10
2620:1ec:c11::237
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9b
2a02:26f0:3500:10::210:a9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.120.14.251
34.120.195.249
34.67.241.53
35.190.43.134
99.83.200.252
03c79674b7d763fcde518d828381358a1b89e16e72442c166ead858a710bb7c8
05c362bd48e67b7a442ce2470b259a424596beb8b225401e5cdc627b654f0d06
07acd3193488441daae3669e8cae2901fb8066ee8749e9f84a81d4eb95098274
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d0a912d56ab66b4c0c8d99650db24766101054a7a131701c618d90c628a0287
218fb47947026b4be9bd40be2004b0e5483558f84ada88c3ba741dfb637df25f
2b467f3a164c254d24d1fb6da0322345eeff37aadd9a8386024864d959f073db
2f1fdf3d093765e1a568b3953a59154929fc1191db803b896b7cb84734161530
36a5b4ce746faa9eac19c4125a261eac31eec893d75fae81ec22d1c846ebcc4f
4065077070285c2beb1db96d936c6b4f4c74c9ddbf2f4bbb6b644db67a96b18d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c301d0d2e88acf6184fae04e18c3fe2f6b494d4fd7ee8ba5c6b0ed2b6e5659c
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6809abca6a41d3fda45b365d00b7683beb23de1a7e14c7b09357a60306ad3bb3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cea04dbd33a2714792c9530b54c6a8fed030f3c0e002278fd3e15795be68fb0
70b869c2cf6c1e243f3372a07660ccdd90bf0ee5397b983a604b0a314ac4e765
72a12767c6b54eda8a896127a923a20087bc8ab1bd5afd60dbe2e0cea916cb57
76fad79184fcfdb8d2307d6b10afe1a5b3f9ac88937c0f05edfbf05633b3176f
7a05ddd82d9785009448887b7ab32ba57b39fce9e5180ff9d6040c06acb2f4f7
7ca0e5699402ed70650d6d4a77eb296e9f31cdf231d2cc55dc9a1f0595e3a2c6
7dee95a6ccd31ae0fcf82a88a1eed4130fd54f393f8e82aaa9d4461e0a37a94b
8155f571b5c2eae8a09c0abda561da5261ab1b64b5f6c3204cb4e0009ab74c8b
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a6dbfda9fb522e0fb4d8246700bf7b52878def13224d4b3c8172bb375ef73c2
9306baf39c8201f31f3006efe34370ea33ad5d0833d7acd9dee3fc2a258f9c33
99c81a8c9b7af7916087446441417cea15a617ca2aa419934bab64f3b4713fbf
9fce37bebc154ea333ebd72fb94845604b20b32a50ea4e84946eb0e8ab70ccf6
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad94a4b7d9d16d0a2d81fb05b08d856df3dacb2fa63c19ceee941520f5e2aff8
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
bf6570a72929f0df02233a09eb6317c147d04493b2a0a90d67dfff8a7ca0bbc2
c472a0de99bc84cbf7eee31dccc55dc7f606951e9dc8a9ccf1ad3f767975cf11
d492c26a987889bfe41bb483657a1d888c7ed54c36c39593709f75bbae6aa2d6
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d56111fa0dc008b6b7a1c35c5b5db54d787a509a1aa3604c0dcdcaacac2dd2b2
dae85d56c9c6ca297775fde67237a9da3a94841d716597634ef7b679974f9751
dd6ae70973cd81b76f9ff7e134fe379eba834709ce3fef50355a2ef11e9c0e32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec14ac5808a66b1505af674f9f6e5e9b1181c249941fb3a6715a1024a1b28286
edbf5a1264ee6a4b7c07df691c4a97999722cc44aa3654465446832b1e72cf42
ee6e467d4d73de151a9ee5eaeab3c73cae53539850ce62d8cdf9756d1a2b579b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
fc740a7dd685e149ac9c20befb93b7e127249aa2d260a3b5f6b0ab696051e8a0

exchange.gemini.com Open in urlscan Pro 99.83.200.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

91 %HTTPS

54 %IPv6

27 Domains

37 Subdomains

36 IPs

4 Countries

3545 kBTransfer

11766 kBSize

32 Cookies

1 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exchange.gemini.com Open in urlscan Pro
99.83.200.252 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

91 %
HTTPS

54 %
IPv6

27
Domains

37
Subdomains

36
IPs

4
Countries

3545 kB
Transfer

11766 kB
Size

32
Cookies

81 HTTP transactions
0 data transactions