urlscan.io logo urlscan.io
SecurityTrails logo

exchange.gemini.com Open in urlscan Pro
99.83.200.252  Public Scan

Go To Rescan Add Verdict Report
URL: https://exchange.gemini.com/signin
Submission: On November 01 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 4 countries across 26 domains to perform 75 HTTP transactions. The main IP is 99.83.200.252, located in United States and belongs to AMAZON-02, US. The main domain is exchange.gemini.com. The Cisco Umbrella rank of the primary domain is 352017.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 16th 2024. Valid for: a year.
This is the only time exchange.gemini.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 99.83.200.252 16509 (AMAZON-02)
6 2600:9000:266... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 130.211.34.183 396982 (GOOGLE-CL...)
2 172.64.151.210 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 157.240.253.1 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.23.99 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
1 6 142.250.185.68 15169 (GOOGLE)
2 2600:1901:0:4... 396982 (GOOGLE-CL...)
1 1 18.239.83.67 16509 (AMAZON-02)
7 13.32.99.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 199.232.188.157 54113 (FASTLY)
2 2620:1ec:33:1... 8075 (MICROSOFT...)
3 2620:1ec:29:1... 8075 (MICROSOFT...)
1 2 2.18.64.70 20940 (AKAMAI-ASN1)
2 157.240.253.35 32934 (FACEBOOK)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 172.217.18.98 15169 (GOOGLE)
2 34.36.120.137 396982 (GOOGLE-CL...)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 142.250.181.226 15169 (GOOGLE)
1 34.120.14.251 396982 (GOOGLE-CL...)
1 34.67.241.53 396982 (GOOGLE-CL...)
3 20.122.63.128 8075 (MICROSOFT...)
75 34
5    99.83.200.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4793faec64193924.awsglobalaccelerator.com
exchange.gemini.com
6    2600:9000:266e:1e00:1a:e26f:c2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.gemini.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o472445.ingest.sentry.io
2    130.211.34.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api.mixpanel.com
2    172.64.151.210 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-03.braze.com
4    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
4    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net
www.google.de
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
www.gstatic.com
6    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
2    2600:1901:0:40b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
a.gemini.com
1    18.239.83.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-67.ams58.r.cloudfront.net
9e5fa68d596e.us-east-1.sdk.awswaf.com
7    13.32.99.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-74.fra60.r.cloudfront.net
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2.18.64.70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-70.deploy.static.akamaitechnologies.com
trkn.us
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
1    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
2    34.36.120.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.120.36.34.bc.googleusercontent.com
a.gemini.com
2    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
1    34.120.14.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.14.120.34.bc.googleusercontent.com
iwnz0ofcuhfwjncwat7v4t07ga84flv7.d.sardine.ai
1    34.67.241.53 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.241.67.34.bc.googleusercontent.com
p.gemini.com
3    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
Apex Domain
Subdomains		 Transfer
16 gemini.com
exchange.gemini.com — Cisco Umbrella Rank: 352017
assets.gemini.com — Cisco Umbrella Rank: 740968
a.gemini.com — Cisco Umbrella Rank: 822312
p.gemini.com
2 MB
8 awswaf.com
9e5fa68d596e.us-east-1.sdk.awswaf.com
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 607618
295 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
www.google.com — Cisco Umbrella Rank: 3
1 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
p.clarity.ms — Cisco Umbrella Rank: 6522
30 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
px4.ads.linkedin.com — Cisco Umbrella Rank: 6828
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
338 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
80 KB
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 20475
464 B
2 trkn.us
trkn.us — Cisco Umbrella Rank: 2502
1 KB
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
16 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
265 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 11271
127 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
571 B
2 braze.com
sdk.iad-03.braze.com — Cisco Umbrella Rank: 3464
312 B
2 mixpanel.com
api.mixpanel.com — Cisco Umbrella Rank: 1090
433 B
1 sardine.ai
iwnz0ofcuhfwjncwat7v4t07ga84flv7.d.sardine.ai
530 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 89
3 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 962
393 B
1 t.co
t.co — Cisco Umbrella Rank: 859
625 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 960
16 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 sentry.io
o472445.ingest.sentry.io
300 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
0 sc-static.net Failed
sc-static.net Failed
75 26
Domain Requested by
7 9e5fa68d596e.0421493d.us-east-1.token.awswaf.com exchange.gemini.com
assets.gemini.com
6 www.google.com 1 redirects assets.gemini.com
www.googletagmanager.com
www.gstatic.com
6 www.facebook.com exchange.gemini.com
6 assets.gemini.com exchange.gemini.com
5 exchange.gemini.com 2 redirects assets.gemini.com
4 a.gemini.com assets.gemini.com
a.gemini.com
4 www.googletagmanager.com assets.gemini.com
www.googletagmanager.com
3 p.clarity.ms assets.gemini.com
3 px.ads.linkedin.com 1 redirects assets.gemini.com
3 www.clarity.ms exchange.gemini.com
bat.bing.com
www.clarity.ms
3 connect.facebook.net assets.gemini.com
connect.facebook.net
2 bat.bing.net bat.bing.com
exchange.gemini.com
2 trkn.us 1 redirects exchange.gemini.com
2 bat.bing.com www.googletagmanager.com
bat.bing.com
2 www.google-analytics.com www.googletagmanager.com
assets.gemini.com
2 www.google.de exchange.gemini.com
2 region1.analytics.google.com assets.gemini.com
2 sdk.iad-03.braze.com assets.gemini.com
2 api.mixpanel.com assets.gemini.com
1 p.gemini.com exchange.gemini.com
1 iwnz0ofcuhfwjncwat7v4t07ga84flv7.d.sardine.ai exchange.gemini.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 px4.ads.linkedin.com exchange.gemini.com
1 analytics.twitter.com exchange.gemini.com
1 t.co exchange.gemini.com
1 www.gstatic.com www.google.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 9e5fa68d596e.us-east-1.sdk.awswaf.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 o472445.ingest.sentry.io assets.gemini.com
1 fonts.googleapis.com exchange.gemini.com
0 sc-static.net Failed assets.gemini.com
75 35

This site contains links to these domains. Also see Links.

Domain
www.gemini.com
Subject Issuer Validity Valid
exchange.gemini.com
Amazon RSA 2048 M02		 2024-07-16 -
2025-08-14		 a year crt.sh
assets.gemini.com
Amazon RSA 2048 M03		 2024-02-29 -
2025-03-30		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-03 -
2025-07-29		 10 months crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh
iad-03.braze.com
E5		 2024-10-05 -
2025-01-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-10 -
2024-11-08		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
a.gemini.com
WR3		 2024-10-26 -
2025-01-24		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
t.co
E5		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-30 -
2025-09-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-10-27 -
2025-04-25		 6 months crt.sh
d.sardine.ai
WR3		 2024-09-30 -
2024-12-29		 3 months crt.sh
p.gemini.com
WR1		 2024-10-02 -
2024-12-31		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.0421493d.us-east-1.token.awswaf.com
Amazon RSA 2048 M02		 2024-05-04 -
2025-06-01		 a year crt.sh

This page contains 6 frames:

Primary Page: https://exchange.gemini.com/signin
Frame ID: 212281A6468FA52E329B3970C560ABF5
Requests: 65 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fexchange.gemini.com
Frame ID: 0BE178AE56A60F4ADF76A035F4E0A4DD
Requests: 1 HTTP requests in this frame

Frame: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf
Frame ID: F0D0EF190227D3FEB8368E77D3DCFF57
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=y0g72i6oc0lm
Frame ID: 0F527897382B03568A07128CDF45612E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=gdzokixbjw2k
Frame ID: EF7C1EE290069D9614648BAC42291A6E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Frame ID: CC02496453BBDAC7F44000211D91FBE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gemini - Sign In

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • api\.mixpanel\.com/track
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

75
Requests

91 %
HTTPS

37 %
IPv6

26
Domains

35
Subdomains

34
IPs

4
Countries

3523 kB
Transfer

11733 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://exchange.gemini.com/js/22.fc269ba4651c2d307cfe.js HTTP 301
  • https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js
Request Chain 14
  • https://exchange.gemini.com/js/SignIn.47dffa89d.en-US.json HTTP 301
  • https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json
Request Chain 27
  • https://9e5fa68d596e.us-east-1.sdk.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js HTTP 307
  • https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
Request Chain 38
  • https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid] HTTP 302
  • https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=80.255.7.106;cuidchk=1
Request Chain 47
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQLaphuh0eclMQAAAZLofMuGFl9zCOwsfacRRUZszTBFjVektYHpJBXTlhlxLHaGwhT5rX0
Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=1936262787.1730477345&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hw535nLKUBkxkQhZJGW4Imp2gnxZjAFqf6Q&pscrd=IhMI8rfpu8K7iQMVCYiDBx3JXjz9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQlZDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklyQUU0NEgwM1R5Y2lnaUhhVXY5b1VDM0x4WjFjNF8wQlhGQ2t2QUpKSEFBR0htdWVvTlk0RWo5RHNDdw HTTP 302
  • https://www.google.com/pagead/1p-conversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=1936262787.1730477345&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI8rfpu8K7iQMVCYiDBx3JXjz9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQlZDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklyQUU0NEgwM1R5Y2lnaUhhVXY5b1VDM0x4WjFjNF8wQlhGQ2t2QUpKSEFBR0htdWVvTlk0RWo5RHNDdw&is_vtc=1&cid=CAQSGwCa7L7dmwljhdI9AHumdqVaVBbs0sZoG3bmLQ&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hw_J85uJHx33SO4QaVovyqfiHeJDlCmo86g&random=2492325945 HTTP 302
  • https://www.google.de/pagead/1p-conversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=1936262787.1730477345&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI8rfpu8K7iQMVCYiDBx3JXjz9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQlZDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklyQUU0NEgwM1R5Y2lnaUhhVXY5b1VDM0x4WjFjNF8wQlhGQ2t2QUpKSEFBR0htdWVvTlk0RWo5RHNDdw&is_vtc=1&cid=CAQSGwCa7L7dmwljhdI9AHumdqVaVBbs0sZoG3bmLQ&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hw_J85uJHx33SO4QaVovyqfiHeJDlCmo86g&random=2492325945&ipr=y

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
exchange.gemini.com/ 		605 KB
97 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e058cb13783aa76bedf487ce7411485a67dc9fbd4e3efe4c821a853aebe485f3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Nov 2024 16:08:49 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Accept-Encoding Accept, Refresh-Only,Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-include-csp
recaptcha.contentSecurityPolicy
x-xss-protection
1; mode=block
0.31380fff1e204a7183df.css
assets.gemini.com/builds-2/web/main/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/0.31380fff1e204a7183df.css
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ca0e5699402ed70650d6d4a77eb296e9f31cdf231d2cc55dc9a1f0595e3a2c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

vary
accept-encoding
content-encoding
gzip
x-amz-version-id
YFWA8.RpSR3lkKqm6.jcrzBDyCy_88kg
etag
W/"79640388c18f0c988ca1f928fe1ff6e1"
age
3
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-meta-md5chksum
eWQDiMGPDJiMofko/h/24Q==
x-cache
Hit from cloudfront
x-amz-cf-id
GZnRHr_wPXVJr0qODhFTGgP8Rn3zZBE391jXs0BJVnIs_fg-4zGvEw==
date
Fri, 01 Nov 2024 16:08:47 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 22:23:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d492c26a987889bfe41bb483657a1d888c7ed54c36c39593709f75bbae6aa2d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:08:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:08:49 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 01 Nov 2024 14:50:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
runtime.d19d2534d7df2deaedff.js
assets.gemini.com/builds-2/web/main/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/runtime.d19d2534d7df2deaedff.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec14ac5808a66b1505af674f9f6e5e9b1181c249941fb3a6715a1024a1b28286

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

vary
accept-encoding
content-encoding
gzip
x-amz-version-id
1Ad3ya9YAeRnrdcWTckis61BafHJB0Va
etag
W/"229b2bad01b40607c6aef61ede91ed0b"
age
3
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-meta-md5chksum
IpsrrQG0BgfGrvYe3pHtCw==
x-cache
Hit from cloudfront
x-amz-cf-id
b8SEPxrZN2VeRQkdY29PeDyGQQL3K46baznYCTqpS3XVakXGu3YInA==
date
Fri, 01 Nov 2024 16:08:47 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 23:19:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
0.9dbbdd1a15781afdc821.js
assets.gemini.com/builds-2/web/main/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03c79674b7d763fcde518d828381358a1b89e16e72442c166ead858a710bb7c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

vary
accept-encoding
content-encoding
gzip
x-amz-version-id
qAXUIFdfXCeF2kS.f0qzBUXWvSGbRL.N
etag
W/"55fd92dffc2a9109815b41575f712cf8"
age
3
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-meta-md5chksum
Vf2S3/wqkQmBW0FXX3Es+A==
x-cache
Hit from cloudfront
x-amz-cf-id
x4ROPFuPDIJ5im5_QWvc-gFATYNp2bDA4UxvfFAY3yG3M_3vNhE_sw==
date
Fri, 01 Nov 2024 16:08:47 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 22:43:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
92.f7c065c25eb088973c3f.js
assets.gemini.com/builds-2/web/main/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/92.f7c065c25eb088973c3f.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:1e00:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76fad79184fcfdb8d2307d6b10afe1a5b3f9ac88937c0f05edfbf05633b3176f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

vary
accept-encoding
content-encoding
gzip
x-amz-version-id
Gw2nZZHXEQ6.DyjIIVH_Vf58Ia.HABZo
etag
W/"26f7e9bbd6cf1c837b2043f776377f9f"
age
3
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-meta-md5chksum
Jvfpu9bPHIN7IEP3djd/nw==
x-cache
Hit from cloudfront
x-amz-cf-id
JKJ8T_bg_tIR_2YIL5Zll_0JcaJSNCq5iY1nE9pv0Z1UpOgzuulDhg==
date
Fri, 01 Nov 2024 16:08:47 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 14:32:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
/
o472445.ingest.sentry.io/api/4506225612554240/envelope/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o472445.ingest.sentry.io/api/4506225612554240/envelope/?sentry_key=79790a4fb03f0991e0dd94149d81e2c8&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.119.0
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Fri, 01 Nov 2024 16:09:03 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
/
api.mixpanel.com/decide/ 		65 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=d63e727b7647b63c44007c4c8876cb81&ip=0&_=1730477343845
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
gunicorn /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

access-control-max-age
1728000
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https://exchange.gemini.com
alt-svc
clear
date
Fri, 01 Nov 2024 16:09:03 GMT
content-type
application/json
server
gunicorn
access-control-allow-headers
X-Requested-With
/
api.mixpanel.com/track/ 		1 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTGludXgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tL3NpZ25pbiIsIiRicm93c2VyX3ZlcnNpb24iOiAxMzAsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yMi40IiwiZGlzdGluY3RfaWQiOiAiMTkyZTg3Y2M0NjEyMTUtMGQyNDQ4MmM1OTE5ZWUtMTc0NjJjNmUtMWQ0YzAwLTE5MmU4N2NjNDYyODNjIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsIm1wX3BhZ2UiOiAiaHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tL3NpZ25pbiIsIm1wX2Jyb3dzZXIiOiAiQ2hyb21lIiwibXBfcGxhdGZvcm0iOiAiTGludXgiLCJ0b2tlbiI6ICJkNjNlNzI3Yjc2NDdiNjNjNDQwMDdjNGM4ODc2Y2I4MSJ9fQ%3D%3D&ip=0&_=1730477343850
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=604800; includeSubDomains
access-control-max-age
1728000
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https://exchange.gemini.com
alt-svc
clear
content-length
1
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/json
access-control-allow-headers
X-Requested-With
22.fc269ba4651c2d307cfe.js
assets.gemini.com/builds-2/web/main/
Redirect Chain
  • https://exchange.gemini.com/js/22.fc269ba4651c2d307cfe.js
  • https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js
9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Server
2600:9000:266e:1e00:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70b869c2cf6c1e243f3372a07660ccdd90bf0ee5397b983a604b0a314ac4e765

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

vary
Accept-Encoding
content-encoding
gzip
x-amz-version-id
7ukG_J24vIkivUjn54.RBagILedFH9mj
etag
W/"01b11f2c50596c70e2d3d0f879696bde"
age
45
via
1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-meta-md5chksum
AbEfLFBZbHDi09D4eWlr3g==
x-cache
Hit from cloudfront
x-amz-cf-id
dZOHxenyaB4yX6pDC9ohDPvtye2_OlfCWI_E2vMcsUOXTK7riiGC8g==
date
Fri, 01 Nov 2024 16:08:47 GMT
content-type
application/javascript
last-modified
Wed, 30 Oct 2024 19:47:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload;
location
https://assets.gemini.com/builds-2/web/main/22.fc269ba4651c2d307cfe.js
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-length
0
date
Fri, 01 Nov 2024 16:09:03 GMT
x-xss-protection
1; mode=block
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN
locate
exchange.gemini.com/ 		16 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/locate
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Csrf-Token
nocheck

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload;
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
expires
Tue, 03 Jul 2001 06:00:00 GMT
content-length
16
date
Fri, 01 Nov 2024 16:09:04 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN
locate
exchange.gemini.com/ 		16 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/locate
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Csrf-Token
nocheck

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload;
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
expires
Tue, 03 Jul 2001 06:00:00 GMT
content-length
16
date
Fri, 01 Nov 2024 16:09:04 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN
/
sdk.iad-03.braze.com/api/v3/data/ 		23 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.210 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dee95a6ccd31ae0fcf82a88a1eed4130fd54f393f8e82aaa9d4461e0a37a94b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://exchange.gemini.com/
X-Requested-With
XMLHttpRequest
X-Braze-TriggersRequest
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
f7c7991a-0419-4e08-acae-40e64d232a89
X-Braze-DataRequest
true

Response headers

access-control-max-age
7200
x-request-id
a041dfce-fd65-4e8c-bea5-c0d69713ac4e
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"7dee95a6ccd31ae0fcf82a88a1eed413"
access-control-allow-methods
POST, GET
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.023004
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1730477346
cf-ray
8dbd25ab3ed46a78-TXL
x-ratelimit-remaining
492.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
/
sdk.iad-03.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.210 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://exchange.gemini.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8dbd25aa3d8b6a78-TXL
content-encoding
gzip
date
Fri, 01 Nov 2024 16:09:04 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8GNNSS2GRV
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f632c4bc2898ee5c364c2d23a0b6af10a21f7ed03b0a1ef025ce1dabca712a09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 01 Nov 2024 16:09:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137045
x-xss-protection
0
server
Google Tag Manager
SignIn.47dffa89d.en-US.json
assets.gemini.com/builds-2/web/main/
Redirect Chain
  • https://exchange.gemini.com/js/SignIn.47dffa89d.en-US.json
  • https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json
121 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Server
2600:9000:266e:1e00:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72a12767c6b54eda8a896127a923a20087bc8ab1bd5afd60dbe2e0cea916cb57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
nGPS2VqfLp4YNeuPnsck4rG8YrUMv0Qu
etag
W/"752b6068c018cd3b431b8d06a40e8b96"
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
gdmiDHPwxMbvxN_dvIQng-_M5s6qgktoYEl4iSpI5gD5IZzMSJXn-Q==
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/json
vary
accept-encoding
last-modified
Fri, 01 Nov 2024 14:35:14 GMT
access-control-allow-credentials
true
via
1.1 4bf44796811ecea5881c6668d3aa9226.cloudfront.net (CloudFront)
x-amz-meta-md5chksum
dStgaMAYzTtDG40GpA6Llg==
access-control-allow-origin
https://exchange.gemini.com
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload;
location
https://assets.gemini.com/builds-2/web/main/SignIn.47dffa89d.en-US.json
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-length
0
date
Fri, 01 Nov 2024 16:09:04 GMT
x-xss-protection
1; mode=block
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/ 		334 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b40b916adb81a751d209e8e5c1936df98fa5e31a52db0d4c6929b23f446b248
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 01 Nov 2024 16:09:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
114265
x-xss-protection
0
server
Google Tag Manager
scevent.min.js
sc-static.net/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-s7hqnvVp' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-s7hqnvVp' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4450, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
fvvS3tDJEisDIzy7PmsH/HngpJd9VQ7CIffn/MxbBqn13QFAkiM5yCqMyyjb2qIdUcOQVchRVD4Cvv5kLtFLiA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62068
x-xss-protection
0
origin-agent-cluster
?1
330632917740535
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/330632917740535?v=2.9.175&r=stable&domain=exchange.gemini.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
2b467f3a164c254d24d1fb6da0322345eeff37aadd9a8386024864d959f073db
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KshGN2hJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KshGN2hJ' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=6, c=76, mss=1232, tbw=77730, tp=71, tpl=6, uplat=1, ullat=-1
pragma
public
x-fb-debug
pJRdG/jR+OsSyt7XHzFNJIga3HqD5ZPQU/lvXe2OMZ6vN8vhjnv2jNuQ9jydq/xiNws0kDay0G1jp5mQ/esfyA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13488
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477344613&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12316&fbp=fb.1.1730477344609.215740343607163565&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477344550&coo=false&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=GET
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2911, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477344613&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12316&fbp=fb.1.1730477344609.215740343607163565&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477344550&coo=false&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=FGET
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432343599310143083"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 16:09:04 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
GLFP1l3quzFta456rAY6CRHcOtyEkeumbATfyzkPrGGFokKBtSQWiwTAvxy6yG77QIRBd2tHpt49zFFK2n5aaA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432343599310143083", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=3229, tp=-1, tpl=-1, uplat=175, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8GNNSS2GRV&gtm=45je4au0v9105748813za200&_p=1730477344273&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=2111987216.1730477345&ul=de-de&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1730477344&sct=1&seg=0&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&dt=Gemini%20-%20Sign%20In&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&tfd=15887
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://exchange.gemini.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
547 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8GNNSS2GRV&cid=2111987216.1730477345&gtm=45je4au0v9105748813za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8GNNSS2GRV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://exchange.gemini.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8GNNSS2GRV&cid=2111987216.1730477345&gtm=45je4au0v9105748813za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&tag_exp=101533422~101823848~101878899~101878944~101925629&z=836544107
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 01 Nov 2024 16:09:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://exchange.gemini.com
Referer
https://fonts.googleapis.com/

Response headers

age
175741
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:20:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:20:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
api.js
www.google.com/recaptcha/ 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&onload=GoogleRecaptchaLoaded
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
2f1fdf3d093765e1a568b3953a59154929fc1191db803b896b7cb84734161530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 16:09:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 01 Nov 2024 16:09:05 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
loader.min.js
a.gemini.com/assets/ 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.gemini.com/assets/loader.min.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:40b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8a6dbfda9fb522e0fb4d8246700bf7b52878def13224d4b3c8172bb375ef73c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=w72JWA==, md5=eH6JpRmuLXbmaxv8smj3mw==
etag
"787e89a519ae2d76e66b1bfcb268f79b"
age
912
x-goog-stored-content-encoding
gzip
expires
Fri, 01 Nov 2024 16:23:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
58617
date
Fri, 01 Nov 2024 15:53:53 GMT
last-modified
Wed, 16 Oct 2024 21:16:30 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY2ayt3uBTi2nn61FG52f4lHZgZHK-YNKqHi6pvtbnpp_LF_WvweUKiJassYt4CLJlL7yx4
cache-control
public, max-age=1800,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729113390845798
content-length
58617
content-language
en
server
UploadServer
challenge.js
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/
Redirect Chain
  • https://9e5fa68d596e.us-east-1.sdk.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
  • https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
1 MB
288 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
f51a8a5f323473741b255ba55b993d34d3f0fd0eb62b46ee44fe44150aa51ada

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
private, max-age=86400, stale-while-revalidate=604800
content-encoding
gzip
pragma
no-cache
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd21-732990f32d6324646ff14def
x-cache
Miss from cloudfront
x-amz-cf-id
TbyiDKSYg_34rUxJcgqC1KCSI-gACB0e9rVlQbTODqhywJb-NzMctA==
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
text/javascript
last-modified
Fri, 1 Nov 2024 16:09:05 +0000
vary
accept-encoding
x-amz-cf-pop
FRA60-P3

Redirect headers

access-control-max-age
86400
cache-control
max-age=86400
location
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/challenge.js
access-control-allow-methods
*
via
1.1 416dae0837568c2bb7cea7ae5c6bba22.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
0
x-amz-cf-id
M7xP6PCjL56aWwHYr334zPOW9QK-BJstRF3SoElSxPuqga0t0mYp_w==
date
Fri, 01 Nov 2024 16:09:05 GMT
x-amz-cf-pop
AMS58-P5
server
CloudFront
access-control-allow-headers
*
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&scrsrc=www.googletagmanager.com&frm=0&rnd=945775342.1730477345&auid=1936262787.1730477345&npa=1&gtm=45He4au0v834314644za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&tft=1730477345046&tfd=16109&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
gzip
age
2336
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 17:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 15:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
max-age=71283
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Fri, 01 Nov 2024 16:09:05 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Fri, 01 Nov 2024 16:09:05 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 00:10:26 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000084-IAD, cache-muc13977-MUC
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4DEB9A54A5F1400694DA99BDAC731443 Ref B: FRA31EDGE0217 Ref C: 2024-11-01T16:09:05Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
destination
www.googletagmanager.com/gtag/ 		258 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-538501539&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb3719d7b4290056ecf6732d435598f2ce4c02dc13c000bfe3dc92fdaa945384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 01 Nov 2024 16:09:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92886
x-xss-protection
0
server
Google Tag Manager
3006003839611824
connect.facebook.net/signals/config/ 		36 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3006003839611824?v=2.9.175&r=stable&domain=exchange.gemini.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C195%2C197%2C122%2C145%2C151%2C129%2C232%2C116%2C127%2C146%2C173%2C159%2C118%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
9306baf39c8201f31f3006efe34370ea33ad5d0833d7acd9dee3fc2a258f9c33
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vuvLSVdj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-vuvLSVdj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=6, c=79, mss=1232, tbw=94802, tp=88, tpl=6, uplat=3, ullat=-1
pragma
public
x-fb-debug
SzBqT1MvlmmS74kM4zC64E4/L4vj9UunhCnvj63LmTbpnn9MOm3/5AsJOGlkCJ6mUxllwQ6ED2Vobuk6aDSTOA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
6173
x-xss-protection
0
origin-agent-cluster
?1
k85y0ypapn
www.clarity.ms/tag/ 		553 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/k85y0ypapn
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1da5d08bddf7521ab0729613fda0da1b4d3353957aa14ee19488a441ecab7a39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
553
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/x-javascript
x-azure-ref
20241101T160905Z-er1787bdbf4fh6x4ym89bbsgyw0000000b7000000000mr58
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477345113&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1730477344609.215740343607163565&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477344550&coo=false&tm=1&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=GET
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=6108, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1730477345113&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=12316&fbp=fb.1.1730477344609.215740343607163565&pm=1&hrl=0dd4af&ler=empty&cdl=API_unavailable&it=1730477344550&coo=false&tm=1&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901&rqm=FGET
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432343605146029030"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
QHPsjSg/hAL052nL+PYZy2HeUTq3rT6xknDrNeQbYkJ66qPqxu2nRrWXtLH3n+TucE1RKC0wASdwRplhYCUASw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432343605146029030", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=6277, tp=-1, tpl=-1, uplat=377, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=80.255.7.106;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid]
  • https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=80.255.7.106;cuidchk=1
42 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=80.255.7.106;cuidchk=1
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
HTTP/1.1
Server
2.18.64.70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sun, 9 Nov 1980 12:58:00 GMT
Content-Length
42
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Fri, 01 Nov 2024 16:09:05 GMT
Content-Type
image/gif

Redirect headers

Location
/pixel/conv/ppt=24293;g=sitewide;gid=60219;ord=[uniqueid];ip=80.255.7.106;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Date
Fri, 01 Nov 2024 16:09:05 GMT
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Content-Type-Options
nosniff
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 0BE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fexchange.gemini.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4R83PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
174472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 15:41:13 GMT
expires
Thu, 30 Oct 2025 15:41:13 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 		547 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&onload=GoogleRecaptchaLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://exchange.gemini.com
Referer
https://exchange.gemini.com/

Response headers

content-encoding
gzip
age
84602
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 31 Oct 2025 16:39:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 16:39:03 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222594
x-xss-protection
0
server
sffe
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3006003839611824&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&rl=&if=false&ts=1730477345301&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730477344609.215740343607163565&ler=empty&cdl=API_unavailable&it=1730477344550&coo=false&tm=1&rqm=GET
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4503, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3006003839611824&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&rl=&if=false&ts=1730477345301&sw=1600&sh=1200&v=2.9.175&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1730477344609.215740343607163565&ler=empty&cdl=API_unavailable&it=1730477344550&coo=false&tm=1&rqm=FGET
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432343603518781585"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432343603518781585", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
BwIpZGe9xRwjQC96J5iWpjZZHTLsbTuPfLz5UsECEjKDJ+uPUjacACKNLqp0JtIPn3+f20M9dg1ViBQYQIyDYA==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4871, tp=13, tpl=0, uplat=116, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collector.min.0c114cf.html
a.gemini.com/assets/ Frame F0D0 		263 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf
Requested by
Host: a.gemini.com
URL: https://a.gemini.com/assets/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:40b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bf6570a72929f0df02233a09eb6317c147d04493b2a0a90d67dfff8a7ca0bbc2

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
age
1237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1800,no-transform
content-encoding
gzip
content-language
en
content-length
209
content-type
text/html
date
Fri, 01 Nov 2024 15:48:28 GMT
etag
"2b24bfcf8807ac9d93facb4d82860e7b"
expires
Fri, 01 Nov 2024 16:18:28 GMT
last-modified
Wed, 16 Oct 2024 21:16:30 GMT
server
UploadServer
x-goog-generation
1729113390740199
x-goog-hash
crc32c=5gn5bw== md5=KyS/z4gHrJ2T+stNgoYOew==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
209
x-guploader-uploadid
AHmUCY1-XBUhjf606jjOI3d1qaoG4BV_OTv5Xo0BcXTypNe35FgYLp8PY6sAaT7woF7Z2g852Uc
adsct
t.co/i/ 		43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=d6f63e56-59fe-4440-b282-13d93bcca097&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=464e783c-996b-4bd6-82dc-babf3ab3dae5&tw_document_href=https%3A%2F%2Fexchange.gemini.com%2Fsignin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1doi&type=javascript&version=2.3.31
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
6416512b0c79cbc0
cache-control
no-cache, no-store, max-age=0
x-connection-hash
63b0b0cbb580f0cd24d11469fb95967d554f3ee5d3eca2aad04a839e25b1ddb3
cf-cache-status
DYNAMIC
cf-ray
8dbd25b1ba87e52e-TXL
x-response-time
102
content-length
43
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Europe%2FBerlin%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=d6f63e56-59fe-4440-b282-13d93bcca097&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=464e783c-996b-4bd6-82dc-babf3ab3dae5&tw_document_href=https%3A%2F%2Fexchange.gemini.com%2Fsignin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1doi&type=javascript&version=2.3.31
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
b463d66df43c2c7f
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ca5c92f32126a3052425bebfa7da482d215787b9f89de49c6ad1cb201a6688d4
x-response-time
102
content-length
43
date
Fri, 01 Nov 2024 16:09:05 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
attribution_trigger
px.ads.linkedin.com/ 		2 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://exchange.gemini.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
000625dc2782737379ae4b40b06fc536
x-msedge-ref
Ref A: E281E6E207624AF2B8B03F1CCB2FAA74 Ref B: DUS30EDGE0914 Ref C: 2024-11-01T16:09:05Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYl3CeCc3N5rktAsG/FNg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQLaphuh0eclMQAAAZLofMuGFl9zCOwsfacRRUZszTBFjVektYHpJBXTlhlxLHaG...
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQLaphuh0eclMQAAAZLofMuGFl9zCOwsfacRRUZszTBFjVektYHpJBXTlhlxLHaGwhT5rX0
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 51160A642D78497DBF77010E2B3390E3 Ref B: FRAEDGE1621 Ref C: 2024-11-01T16:09:05Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYl3CeAazyCc4v4xtozhQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 01 Nov 2024 16:09:06 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1269042&time=1730477345447&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&e_ipv6=AQLaphuh0eclMQAAAZLofMuGFl9zCOwsfacRRUZszTBFjVektYHpJBXTlhlxLHaGwhT5rX0
x-msedge-ref
Ref A: 11B38D23461E4E69A876A20D5A0C2820 Ref B: FRAEDGE1516 Ref C: 2024-11-01T16:09:05Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYl3Cd66wYKwX9q094tag==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 01 Nov 2024 16:09:05 GMT
collect
www.google-analytics.com/j/ 		3 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=475023930&t=pageview&_s=1&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&ul=de-de&de=UTF-8&dt=Gemini%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1099812192&gjid=1538061068&cid=2111987216.1730477345&tid=UA-57271391-1&_gid=1670644127.1730477345&_r=1&_slc=1&gtm=45He4au0n81K4R83PJv834314644za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&npa=1&z=817404092
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://exchange.gemini.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:05 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://exchange.gemini.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
56372295.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56372295.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8155f571b5c2eae8a09c0abda561da5261ab1b64b5f6c3204cb4e0009ab74c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5D30DBD975FB4907998D15F29CC4480B Ref B: FRA31EDGE0217 Ref C: 2024-11-01T16:09:05Z
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
www.googleadservices.com/pagead/conversion/538501539/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/538501539/?random=1730477345525&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1936262787.1730477345&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-538501539&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
404a90f773ca4964152e9d983819dd569b2789eee7a5e8954ca0f9deebd838da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2705
date
Fri, 01 Nov 2024 16:09:05 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
collector.min.0c114cf.js
a.gemini.com/assets/ Frame F0D0 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.gemini.com/assets/collector.min.0c114cf.js
Requested by
Host: a.gemini.com
URL: https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.120.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.120.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dd6ae70973cd81b76f9ff7e134fe379eba834709ce3fef50355a2ef11e9c0e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://a.gemini.com
Referer
https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=vxftqw==, md5=kx5I8kr7uLp3CpJw3eC+JA==
etag
"931e48f24afbb8ba770a9270dde0be24"
age
540
x-goog-stored-content-encoding
gzip
expires
Fri, 01 Nov 2024 16:30:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
76543
date
Fri, 01 Nov 2024 16:00:05 GMT
last-modified
Wed, 16 Oct 2024 21:16:30 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY2WuaP1vK-pDcgifw0s04H1ue89mGavVbr46JODNGMj2_HmjtpsEAFUZahWMxSBhqsWE3w
cache-control
public, max-age=1800,no-transform
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729113390831798
content-length
76543
content-language
en
server
UploadServer
anchor
www.google.com/recaptcha/api2/ Frame 0F52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=y0g72i6oc0lm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mUa1EHT6zSbSdOz6UCwjXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mUa1EHT6zSbSdOz6UCwjXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:09:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame EF7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=gdzokixbjw2k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3b0aIAJFPz3pewYpK8RR8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3b0aIAJFPz3pewYpK8RR8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:09:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
0
bat.bing.net/actionp/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.net/actionp/0?ti=56372295&tm=gtm002&Ver=2&mid=9447a193-f312-4d30-8e1b-2604c0957637&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7ED58AD455A74AB6A65307327F860695 Ref B: FRA31EDGE0122 Ref C: 2024-11-01T16:09:06Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 16:09:05 GMT
56372295
www.clarity.ms/tag/uet/ 		743 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/56372295?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/56372295.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2656800f3e162d5bf70d2f0c63a877c6c2eed9799128878b3192b84e7178d3f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
743
date
Fri, 01 Nov 2024 16:09:06 GMT
content-type
application/x-javascript
x-azure-ref
20241101T160905Z-er1787bdbf4fh6x4ym89bbsgyw0000000b7000000000mr60
0
bat.bing.net/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.net/action/0?ti=56372295&tm=gtm002&Ver=2&mid=9447a193-f312-4d30-8e1b-2604c0957637&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Gemini%20-%20Sign%20In&p=https%3A%2F%2Fexchange.gemini.com%2Fsignin&r=&lt=15342&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=132230
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D092C5CCDAAC4CA891618C9A8CCE882D Ref B: FRA31EDGE0122 Ref C: 2024-11-01T16:09:06Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 16:09:05 GMT
clarity.js
www.clarity.ms/s/0.7.49/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/k85y0ypapn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

x-azure-ref
20241101T160905Z-er1787bdbf4fh6x4ym89bbsgyw0000000b7000000000mr61
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
5a160b8c-e01e-0003-7e4f-28cfbf000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 01 Nov 2024 16:09:05 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
/
www.google.de/pagead/1p-conversion/538501539/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=...
  • https://www.google.com/pagead/1p-conversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=...
  • https://www.google.de/pagead/1p-conversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=s...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=1936262787.1730477345&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI8rfpu8K7iQMVCYiDBx3JXjz9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQlZDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklyQUU0NEgwM1R5Y2lnaUhhVXY5b1VDM0x4WjFjNF8wQlhGQ2t2QUpKSEFBR0htdWVvTlk0RWo5RHNDdw&is_vtc=1&cid=CAQSGwCa7L7dmwljhdI9AHumdqVaVBbs0sZoG3bmLQ&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hw_J85uJHx33SO4QaVovyqfiHeJDlCmo86g&random=2492325945&ipr=y
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H3
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 01 Nov 2024 16:09:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/538501539/?random=100710998&cv=11&fst=1730477345525&bg=ffffff&guid=ON&async=1&gtm=45be4au0v876907464z8834314644za201zb834314644&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&label=2pZSCIS_0-MZEKPD44AC&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&value=0&npa=1&pscdl=noapi&auid=1936262787.1730477345&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCKLFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMI8rfpu8K7iQMVCYiDBx3JXjz9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vQlZDaEVJOFBpUnVRWVFoS3VyaExMQjB0S2pBUklyQUU0NEgwM1R5Y2lnaUhhVXY5b1VDM0x4WjFjNF8wQlhGQ2t2QUpKSEFBR0htdWVvTlk0RWo5RHNDdw&is_vtc=1&cid=CAQSGwCa7L7dmwljhdI9AHumdqVaVBbs0sZoG3bmLQ&eitems=ChAI8PiRuQYQ3bSS8uer1fFfEh0AW14Hw_J85uJHx33SO4QaVovyqfiHeJDlCmo86g&random=2492325945&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 01 Nov 2024 16:09:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bg.png
iwnz0ofcuhfwjncwat7v4t07ga84flv7.d.sardine.ai/ Frame F0D0 		81 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iwnz0ofcuhfwjncwat7v4t07ga84flv7.d.sardine.ai/bg.png
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
05c362bd48e67b7a442ce2470b259a424596beb8b225401e5cdc627b654f0d06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a.gemini.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=RCQxPg==, md5=4qi/VZBiHGUgePaQCHxHow==
etag
"e2a8bf5590621c652078f690087c47a3"
age
1461
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
81
date
Fri, 01 Nov 2024 15:44:45 GMT
last-modified
Sat, 11 Nov 2023 15:03:59 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY2-kcA52by0KKt4cm7kqVjXIoTgkrmq2oP_Oh-vWnHUdpHChUREf-5p1vv0_52cOktOojeuNuX2TA
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1699715039510755
content-length
81
server
UploadServer
b.png
p.gemini.com/v1/ Frame F0D0 		68 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.gemini.com/v1/b.png?sessionKey=0596cb0e-1b2b-4e75-99cf-a9789f5f3816&clientId=87271e93-ae9b-4ed1-b98b-0ef903f22353&flow=%2Fsignin
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.67.241.53 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.241.67.34.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a.gemini.com/

Response headers

x-request-id
d9e773bf-49a7-4aeb-8b9b-a071b1601bc8
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 UTC
x-version-id
1a292c7
date
Fri, 01 Nov 2024 16:09:06 GMT
content-type
image/png
x-accel-expires
0
/
px.ads.linkedin.com/wa/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 986D8C5D6028460EB8091258C755141E Ref B: FRAEDGE1516 Ref C: 2024-11-01T16:09:06Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYl3CeEXt5JGbWg6N/qfA==
x-li-proto
http/2
access-control-allow-origin
https://exchange.gemini.com
x-cache
CONFIG_NOCACHE
date
Fri, 01 Nov 2024 16:09:06 GMT
vary
Origin
collect
p.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://exchange.gemini.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://exchange.gemini.com
Date
Fri, 01 Nov 2024 16:09:06 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
verify
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 		324 B
670 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/verify
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
28491659668053e928b7794f2716f7b458c93f62457b54e1e60c817baa7dd03d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

x-amz-cf-id
J9VeH4NS09W1kLMyFCtMXht7uZ70qYEi5WoXwObAj_i27LgbFCCoLg==
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
OPTIONS,GET,POST
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd22-3ad1eaf05bbd31db32f030ed
content-length
324
access-control-allow-origin
*
date
Fri, 01 Nov 2024 16:09:06 GMT
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA60-P3
events
a.gemini.com/v1/ Frame F0D0 		484 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.gemini.com/v1/events
Requested by
Host: a.gemini.com
URL: https://a.gemini.com/assets/collector.min.0c114cf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.120.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.120.36.34.bc.googleusercontent.com
Software
/
Resource Hash
9eb37c979708b0638d3ed44407430be895fd82d6806746c9fd2bac273a515517

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://a.gemini.com/assets/collector.min.0c114cf.html?r=2024-10-16-0c114cf

Response headers

x-request-id
d284db79a1c08de40be75e485c89a09c
access-control-allow-methods
POST, GET, OPTIONS
via
1.1 google
access-control-allow-origin
https://docs.sardine.ai
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
484
x-version-id
7bea909
date
Fri, 01 Nov 2024 16:09:06 GMT
content-type
application/json
vary
Origin
access-control-allow-headers
Origin, Content-Type, Accept, Authorization
bframe
www.google.com/recaptcha/api2/ Frame CC02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uDIKLMoVeSzNUmopo5m-2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uDIKLMoVeSzNUmopo5m-2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Nov 2024 16:09:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
telemetry
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 		892 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
71f8635cb9a7ffe3fe62d8fe8b55fdc5a610085b45d6fc0c05de9af4ab7e391a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

x-amz-cf-id
BmLM48-SWstrtN1cFlyXtdF55dbuIMwEoDu8uTnVQ6k4IQKkyIDhPQ==
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
OPTIONS,GET,POST
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd23-7591f820115e81185e66f160
content-length
892
access-control-allow-origin
*
date
Fri, 01 Nov 2024 16:09:07 GMT
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA60-P3
collect
p.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://exchange.gemini.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://exchange.gemini.com
Date
Fri, 01 Nov 2024 16:09:07 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
telemetry
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 		980 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
8eaa49f39f9d29e7be9c827c6b2dd5d6fb7d6af2e0f7c19560f215e905deab3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

x-amz-cf-id
YZhkVoJClaU-O1SBoePLP1siNEy6IE-8uo5SvgnTHyMK_PGndman_g==
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
OPTIONS,GET,POST
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd24-78088ba64240356709b4d114
content-length
980
access-control-allow-origin
*
date
Fri, 01 Nov 2024 16:09:08 GMT
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-pop
FRA60-P3
telemetry
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
b4a63063fdd3803c2627047ce24972ad7b4a9687d414d37f1920ceb923320ed3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
OPTIONS,GET,POST
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd24-6241f3b215267f30329466db
x-cache
Miss from cloudfront
x-amz-cf-id
84w6aeP2gNvSgK-OMY_J5CxXo0kTq0TWk6cSJw8o_0_uGZwXItR73g==
date
Fri, 01 Nov 2024 16:09:08 GMT
content-type
application/json
vary
accept-encoding
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3
telemetry
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
4e2d13cf813d96d3c9b134e00fb8882d9c0af7ae4319dd52e0a35a2a832b21cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
OPTIONS,GET,POST
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd25-75b943c31bbac319778e9eae
x-cache
Miss from cloudfront
x-amz-cf-id
8mUQAEZJGFqGtYUu9qhtxz4f_rdLGNBv-fxPmuKIq8NHsY56FB3SSw==
date
Fri, 01 Nov 2024 16:09:09 GMT
content-type
application/json
vary
accept-encoding
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3
collect
p.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://exchange.gemini.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://exchange.gemini.com
Date
Fri, 01 Nov 2024 16:09:09 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8GNNSS2GRV&gtm=45je4au0v9105748813za200&_p=1730477344273&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=2111987216.1730477345&ul=de-de&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1730477344&sct=1&seg=0&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin&dt=Gemini%20-%20Sign%20In&en=scroll&epn.percent_scrolled=90&_et=101&tfd=21037
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://exchange.gemini.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://exchange.gemini.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 16:09:10 GMT
content-type
text/plain
server
Golfe2
telemetry
9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9e5fa68d596e.0421493d.us-east-1.token.awswaf.com/9e5fa68d596e/32cfe1fecf3c/telemetry
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.9dbbdd1a15781afdc821.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-74.fra60.r.cloudfront.net
Software
/
Resource Hash
07703128c81c030b6d492763c3ee9ca1e6728aa2cc5276d89a2204dc5836ff62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://exchange.gemini.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
OPTIONS,GET,POST
expires
0
alt-svc
h3=":443"; ma=86400
x-amzn-waf-challenge-id
Root=1-6724fd26-7c4f1b926ebb8cc41b8c9a38
x-cache
Miss from cloudfront
x-amz-cf-id
iVsNF1F1TScJentWVAsZpGXpmxnJt3lr1x5y6L-inIJ_nq-ZoRV3ww==
date
Fri, 01 Nov 2024 16:09:10 GMT
content-type
application/json
vary
accept-encoding
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sc-static.net
URL
https://sc-static.net/scevent.min.js

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _sentryDebugIds object| webpackJsonp function| setImmediate function| clearImmediate object| DD_LOGS object| DD_RUM object| __SENTRY__ function| debugTool object| currencyData object| initialData object| optimizelyData object| __sentry_instrumentation_handlers__ function| _ object| __REACT_INTL_CONTEXT__ object| __ENTRY_LOCALE_FILES__ function| applyFocusVisiblePolyfill function| checkAndTriggerAutoFillEvent object| dataLayer function| gtag function| snaptr function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| GoogleRecaptchaResolved-1eb30107-3cb5-469b-9225-b58c3ccf50f7 function| GoogleRecaptchaLoaded function| jspbGetTypeName object| google_tag_manager_external string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| twq object| _fbq_gtm_ids function| clarity object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| a3J function| a3h function| parcelRequire7d99 object| regeneratorRuntime object| _Sardine string| _sardine_revision object| sardineContext object| twttr function| lintrk boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| gaplugins object| gaData object| ueto_b85fb64d32 object| uetq object| GooglebQhCsO object| closure_lm_194836 object| ORIBILI object| clarityuetq object| a0_0x49b7 function| a0_0x3b1b object| AwsWafIntegration object| ChallengeScript

28 Cookies

Domain/Path Name / Value
.exchange.gemini.com/ Name: GEMINI_SESSION2
Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjYyZDlkMzc5ODgyMzgyMTc5OTY1NGJkNzlhOGM1YjZlZGZjZTE3YmMtMTczMDQ3NzMyOTQ3Ny02YTAzYzExYzU0OGVlMDY5MzgxYjVkNDIifSwibmJmIjoxNzMwNDc3MzI5LCJpYXQiOjE3MzA0NzczMjl9.GNVtRdx9hQX4k1LW-QtAYhsTSaNDkS3fEJcUjqaZhfY
.exchange.gemini.com/ Name: SardineSession
Value: sessionKey=0596cb0e-1b2b-4e75-99cf-a9789f5f3816&expiry=1730479129489
.exchange.gemini.com/ Name: AnalyticsId
Value: analyticsId=bdcb82b7-524f-4ace-a125-0c107cb1c6d0
.gemini.com/ Name: mp_d63e727b7647b63c44007c4c8876cb81_mixpanel
Value: %7B%22distinct_id%22%3A%20%22192e87cc461215-0d24482c5919ee-17462c6e-1d4c00-192e87cc46283c%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.gemini.com/ Name: ab.storage.userId.f7c7991a-0419-4e08-acae-40e64d232a89
Value: %7B%22g%22%3A%22logged_out_user%22%2C%22c%22%3A1730477343854%2C%22l%22%3A1730477343856%7D
.gemini.com/ Name: ab.storage.deviceId.f7c7991a-0419-4e08-acae-40e64d232a89
Value: %7B%22g%22%3A%2283c0bab0-809e-c214-399f-b8752cfa6d2b%22%2C%22c%22%3A1730477343857%2C%22l%22%3A1730477343857%7D
.gemini.com/ Name: ab.storage.sessionId.f7c7991a-0419-4e08-acae-40e64d232a89
Value: %7B%22g%22%3A%2269d70656-1abf-7f42-d29e-7943090dbb82%22%2C%22e%22%3A1730479143871%2C%22c%22%3A1730477343856%2C%22l%22%3A1730477343871%7D
exchange.gemini.com/ Name: lang
Value: en-US
.exchange.gemini.com/ Name: cookieSettings
Value: {%22hasDismissed%22:false%2C%22allowAnalytics%22:true%2C%22isCcpaEnabled%22:false%2C%22isSuppressed%22:false}
.exchange.gemini.com/ Name: gtm_consent
Value: true
.gemini.com/ Name: _fbp
Value: fb.1.1730477344609.215740343607163565
exchange.gemini.com/ Name: _dd_s
Value: rum=0&expire=1730478243833&lock=448e34e8-09b5-49d3-8a2c-424bdfd144f9
.gemini.com/ Name: _ga_8GNNSS2GRV
Value: GS1.1.1730477344.1.0.1730477344.60.0.0
.gemini.com/ Name: _dd_s
Value: rum=0&expire=1730478243833&lock=bf66007a-b0ab-4548-94f2-2da1ecf5ff46
.gemini.com/ Name: _gcl_au
Value: 1.1.1936262787.1730477345
.trkn.us/ Name: barometric[cuid]
Value: cuid_6724fd21-86b3-4140-9256-cb8fb469f7ef
.gemini.com/ Name: _ga
Value: GA1.2.2111987216.1730477345
.gemini.com/ Name: _gid
Value: GA1.2.1670644127.1730477345
.gemini.com/ Name: _gat_UA-57271391-1
Value: 1
.twitter.com/ Name: personalization_id
Value: "v1_N70fUn9W2qYnaRXa4NZVEg=="
.t.co/ Name: muc_ads
Value: b3f8de1a-4eec-4e22-aece-8390ea669356
.t.co/ Name: __cf_bm
Value: 3U_4mFa_ojb9LQ2ZeY3PJmqHiMsIj4bkhh7ON0kuva0-1730477345-1.0.1.1-RG9sd0ihYIdJlLjkg_zKoJE44b5yik.5rhgpFnNbpb4H133ICQG6oQX96LE2WYy.fbz8rAZrAOp7_DMMtN3nLQ
.linkedin.com/ Name: bcookie
Value: "v=2&9a02e1ef-a34a-4d0b-89de-b17b97e55e89"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzA0NzczNDU7MjswMjHGyyKWU9yhQYjRyTKFTQEGXHHgsWdsE9ens8E4tu6sFQ==
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3364:u=1:x=1:i=1730477345:t=1730563745:v=2:sig=AQGktQ1QcGVFsDP4_fDAztOZk2kfUwGG"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
a.gemini.com/ Name: _immortal|deviceToken
Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..N0Z9gSTH5cjhBQMQ.H0oBQ88S4Ta8QkbBlHTGi8dXwjk453uSKNMTKUlVrxuZnv439wIj7XWsEAzUlXI9qeoxUJHF7jPHNFFiwH1gKi2_w8ZAdnuQkAi7DWOEksaBd2E0KREbKfI0YMWscnAOlS_wvUWAVIectkIvMPYXKe_ZLyotDT7AhJJtZTvveSE9CrSeJWLJXUL30umjN5ffs9IxZ5O9FSQ8cjAE1xxtnuHcrzlUBFl2lmHFg10YezVmzandStm2l9EnqlRBG7KYAjpsNkTgn-X_DPp8WTlIOt3ITsQG.c4FyCIbfqHxrgwYCT21Lqw
.exchange.gemini.com/ Name: aws-waf-token
Value: 2dbe769d-9658-42e1-a95b-86b21e67d636:EQoAumFwtRSpAAAA:G9L8K/qD1NPLRstzvKUhfttO6QbIdXiqh4X/kBWEyljzoRUEPMvsDS1pxfBA76DWxXbRwlRUkgsHthbKcn+GsCB564KzQnqtV6xJ0wbwUyaBId46VhKTJifxZpoBeCdtcfkh0G+G6cfrDdqtE/dgz55QVgJrQKdDuCSenjAzNNZ3DvRNVwxX3884mnh9sE5EpODlCltdfJEVHyBpM0pfv4BjLUovbva1tfda8salNLHU6s7KgzMTHnOI+SSs66MTMTdIZfi+qAc6xdHb9bpcgfRM8KDKJy37CYqBog==

1 Console Messages

Source Level URL
Text
rendering warning URL: https://exchange.gemini.com/signin
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090E5005C280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9e5fa68d596e.0421493d.us-east-1.token.awswaf.com
9e5fa68d596e.us-east-1.sdk.awswaf.com
a.gemini.com
analytics.twitter.com
api.mixpanel.com
assets.gemini.com
bat.bing.com
bat.bing.net
connect.facebook.net
exchange.gemini.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iwnz0ofcuhfwjncwat7v4t07ga84flv7.d.sardine.ai
o472445.ingest.sentry.io
p.clarity.ms
p.gemini.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sc-static.net
sdk.iad-03.braze.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trkn.us
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
sc-static.net
104.244.42.67
13.107.42.14
13.32.99.74
130.211.34.183
142.250.181.226
142.250.185.68
142.250.186.67
157.240.253.1
157.240.253.35
162.159.140.229
172.217.18.98
172.217.23.99
172.64.151.210
18.239.83.67
199.232.188.157
2.18.64.70
20.122.63.128
2001:4860:4802:32::36
2600:1901:0:40b::
2600:9000:266e:1e00:1a:e26f:c2c0:93a1
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:800::200e
2a00:1450:4001:811::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9c
2a02:26f0:480:15::213:7e63
2a03:2880:f177:185:face:b00c:0:25de
34.120.14.251
34.120.195.249
34.36.120.137
34.67.241.53
99.83.200.252
03c79674b7d763fcde518d828381358a1b89e16e72442c166ead858a710bb7c8
05c362bd48e67b7a442ce2470b259a424596beb8b225401e5cdc627b654f0d06
07703128c81c030b6d492763c3ee9ca1e6728aa2cc5276d89a2204dc5836ff62
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da5d08bddf7521ab0729613fda0da1b4d3353957aa14ee19488a441ecab7a39
2656800f3e162d5bf70d2f0c63a877c6c2eed9799128878b3192b84e7178d3f0
28491659668053e928b7794f2716f7b458c93f62457b54e1e60c817baa7dd03d
2b467f3a164c254d24d1fb6da0322345eeff37aadd9a8386024864d959f073db
2f1fdf3d093765e1a568b3953a59154929fc1191db803b896b7cb84734161530
404a90f773ca4964152e9d983819dd569b2789eee7a5e8954ca0f9deebd838da
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e2d13cf813d96d3c9b134e00fb8882d9c0af7ae4319dd52e0a35a2a832b21cb
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70b869c2cf6c1e243f3372a07660ccdd90bf0ee5397b983a604b0a314ac4e765
71f8635cb9a7ffe3fe62d8fe8b55fdc5a610085b45d6fc0c05de9af4ab7e391a
72a12767c6b54eda8a896127a923a20087bc8ab1bd5afd60dbe2e0cea916cb57
76fad79184fcfdb8d2307d6b10afe1a5b3f9ac88937c0f05edfbf05633b3176f
7ca0e5699402ed70650d6d4a77eb296e9f31cdf231d2cc55dc9a1f0595e3a2c6
7dee95a6ccd31ae0fcf82a88a1eed4130fd54f393f8e82aaa9d4461e0a37a94b
8155f571b5c2eae8a09c0abda561da5261ab1b64b5f6c3204cb4e0009ab74c8b
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a6dbfda9fb522e0fb4d8246700bf7b52878def13224d4b3c8172bb375ef73c2
8b40b916adb81a751d209e8e5c1936df98fa5e31a52db0d4c6929b23f446b248
8eaa49f39f9d29e7be9c827c6b2dd5d6fb7d6af2e0f7c19560f215e905deab3d
9306baf39c8201f31f3006efe34370ea33ad5d0833d7acd9dee3fc2a258f9c33
9eb37c979708b0638d3ed44407430be895fd82d6806746c9fd2bac273a515517
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
b4a63063fdd3803c2627047ce24972ad7b4a9687d414d37f1920ceb923320ed3
bf6570a72929f0df02233a09eb6317c147d04493b2a0a90d67dfff8a7ca0bbc2
d492c26a987889bfe41bb483657a1d888c7ed54c36c39593709f75bbae6aa2d6
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
dd6ae70973cd81b76f9ff7e134fe379eba834709ce3fef50355a2ef11e9c0e32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e058cb13783aa76bedf487ce7411485a67dc9fbd4e3efe4c821a853aebe485f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3719d7b4290056ecf6732d435598f2ce4c02dc13c000bfe3dc92fdaa945384
ec14ac5808a66b1505af674f9f6e5e9b1181c249941fb3a6715a1024a1b28286
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f51a8a5f323473741b255ba55b993d34d3f0fd0eb62b46ee44fe44150aa51ada
f632c4bc2898ee5c364c2d23a0b6af10a21f7ed03b0a1ef025ce1dabca712a09