geminiadvisory.io Open in urlscan Pro
35.196.155.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-d=
Effective URL:
https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Submission: On March 13 via api (March 13th 2020, 5:51:17 pm UTC) from US

Summary HTTP 53 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 53 HTTP transactions. The main IP is 35.196.155.22, located in United States and belongs to GOOGLE, US. The main domain is geminiadvisory.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 15th 2020. Valid for: 3 months.

This is the only time geminiadvisory.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	35.196.155.22 35.196.155.22	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2606:4700:10:... 2606:4700:10::6814:6f27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
53	10

22 35.196.155.22 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.155.196.35.bc.googleusercontent.com

geminiadvisory.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staging.geminiadvisory.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:6f27 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

widgets.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	geminiadvisory.io 1 redirects geminiadvisory.io staging.geminiadvisory.io	308 KB
16	wp.com i1.wp.com i0.wp.com i2.wp.com stats.wp.com widgets.wp.com pixel.wp.com	241 KB
7	gstatic.com fonts.gstatic.com	76 KB
3	addtoany.com static.addtoany.com	59 KB
3	gravatar.com secure.gravatar.com	9 KB
2	facebook.com graph.facebook.com	914 B
1	googleapis.com fonts.googleapis.com	1 KB
53	7

	Domain	Requested by
18	geminiadvisory.io	1 redirects geminiadvisory.io
7	fonts.gstatic.com	geminiadvisory.io
7	i0.wp.com	geminiadvisory.io
4	staging.geminiadvisory.io	geminiadvisory.io
3	static.addtoany.com	geminiadvisory.io static.addtoany.com
3	secure.gravatar.com	geminiadvisory.io
3	i2.wp.com	geminiadvisory.io
2	pixel.wp.com	geminiadvisory.io
2	graph.facebook.com	geminiadvisory.io static.addtoany.com
2	i1.wp.com	geminiadvisory.io
1	widgets.wp.com	geminiadvisory.io
1	stats.wp.com	geminiadvisory.io
1	fonts.googleapis.com	geminiadvisory.io
53	13

This site contains links to these domains. Also see Links.

Domain
support.geminiadvisory.io
www.cpomagazine.com
blog.trendmicro.com
www.zdnet.com
marinesan.com
www.sunshinegolfballs.com
www.monsterjam.com
www.linkedin.com
www.youtube.com
twitter.com
www.facebook.com
blah2979.zendesk.com
www.addtoany.com

Subject Issuer	Validity	Valid
geminiadvisory.io Let's Encrypt Authority X3	`2020-02-15` - `2020-05-15`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
staging.geminiadvisory.io Let's Encrypt Authority X3	`2020-02-17` - `2020-05-17`	3 months	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
ssl472428.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-10` - `2020-06-17`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Frame ID: 6709693EE9EA00454DE7F651C960D914
Requests: 54 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/master.html?ver=202011
Frame ID: 96931E833FF0D381A08BA05A92446CFA
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 2F436598AF5FE8CB0D2ADBAEB57BD216
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-d= HTTP 301
https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

53
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

13
Subdomains

10
IPs

3
Countries

713 kB
Transfer

1199 kB
Size

1
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://support.geminiadvisory.io/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.cpomagazine.com/cyber-security/more-magecart-attacks-volusion-ecommerce-platform-breached-thousands-of-online-stores-compromised/
Title: reportedly occurred

Search URL Search Domain Scan URL

URL: https://blog.trendmicro.com/trendlabs-security-intelligence/fin6-compromised-e-commerce-platform-via-magecart-to-inject-credit-card-skimmers-into-thousands-of-online-shops/
Title: According to Trend Micro

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/hackers-breach-volusion-and-start-collecting-card-details-from-thousands-of-sites/
Title: ZDNet included

Search URL Search Domain Scan URL

URL: https://marinesan.com/
Title: Marine Sanitation & Supply

Search URL Search Domain Scan URL

URL: http://www.sunshinegolfballs.com/
Title: Sunshine Golf

Search URL Search Domain Scan URL

URL: https://www.monsterjam.com/en-US/photos/miami-fl
Title: Monster Jam Store

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/geminiadvisory/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCaJ4hkDJhcWGnLBAnn3umjQ/videos
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/geminiadvisory
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeminiAdvisory/
Title:

Search URL Search Domain Scan URL

URL: https://blah2979.zendesk.com/auth/v2/login/registration
Title: Register

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-d= HTTP 301
https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Redirect Chain

https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-d=
https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

62 KB
14 KB

109ms
109ms

Document
text/html

35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

3153239c39a5632d7e7d27fb8927e0d259e67c88a1d4f932ae01ba8e047c5ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Host: geminiadvisory.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Server: Apache/2.4.25 (Debian)
X-Pingback: https://geminiadvisory.io/xmlrpc.php
Link: <https://geminiadvisory.io/wp-json/>; rel="https://api.w.org/", <https://wp.me/p9lDiK-d7>; rel=shortlink
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 13 Mar 2020 17:34:51 GMT
ETag: "8f3ddb65d59d95c9619ad33c250bf47d"
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 13 Mar 2020 17:50:57 GMT
Server: Apache/2.4.25 (Debian)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK a5ff7.css
geminiadvisory.io/wp-content/cache/minify/ 40 KB
6 KB 228ms
137ms Stylesheet
text/css 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/a5ff7.css

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Nov 2019 00:00:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1573603206;gz"
X-Frame-Options: sameorigin
Content-Type: text/css; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 6114
Keep-Alive: timeout=5, max=98
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39727e2a55ce3d3b3d0bb5e239bb095af2929f2a3ad0dd55010fa487452cbaab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 13 Mar 2020 17:50:58 GMT
server: ESF
date: Fri, 13 Mar 2020 17:50:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Mar 2020 17:50:58 GMT

GET
H/1.1 200
OK 932e9.css
geminiadvisory.io/wp-content/cache/minify/ 159 KB
50 KB 543ms
330ms Stylesheet
text/css 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/932e9.css

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

19530de1d8f72a7b733c1d1e0195482810d00992b0b0d3c928d789f9bf1a22cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: text/css; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 50911
Keep-Alive: timeout=5, max=100
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H/1.1 200
OK df983.js Show response
geminiadvisory.io/wp-content/cache/minify/ 104 KB
37 KB 551ms
338ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/df983.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

b1d632e14af12052c0c8a9aa8146b6fa2dfb36ce81d8c0ce04804db0bcd1f2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 May 2019 00:00:05 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1558483205;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 37153
Keep-Alive: timeout=5, max=100
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H/1.1 200
OK 008d6.js Show response
geminiadvisory.io/wp-content/cache/minify/ 5 KB
2 KB 397ms
184ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/008d6.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

cd74239c500831bb7c01adf6f10b480a61294a6045bcaefc8845f19d28fa6d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 1712
Keep-Alive: timeout=5, max=100
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H2 200 geminy-advisory-logo.png
i1.wp.com/geminiadvisory.io/wp-content/uploads/2017/09/ 1 KB
2 KB 42ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/geminiadvisory.io/wp-content/uploads/2017/09/geminy-advisory-logo.png?fit=106%2C34&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

54ca908ba70e96295614c70dc2644d73617efbea0c423fae48b63a2ac559a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 7
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 544
last-modified: Wed, 26 Feb 2020 09:21:00 GMT
server: nginx
etag: "5fd235c7646c43a3"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2017/09/geminy-advisory-logo.png>; rel="canonical"
content-length: 1512
expires: Fri, 25 Feb 2022 21:21:00 GMT

GET
H2 200 Volusion_FI.jpg
i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/03/ 40 KB
40 KB 45ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/03/Volusion_FI.jpg?resize=780%2C390&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

930e447c8dbcec3c51e894e10d821a5109cdf1e8227fa6507a2b21917fdd3af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 7
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 40758
last-modified: Thu, 12 Mar 2020 15:12:56 GMT
server: nginx
etag: "a444b41868e37a5e"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2020/03/Volusion_FI.jpg>; rel="canonical"
content-length: 40572
expires: Sun, 13 Mar 2022 03:12:56 GMT

GET
H2 200 Volusion_img1.png
i2.wp.com/geminiadvisory.io/wp-content/uploads/2020/03/ 114 KB
115 KB 19ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/geminiadvisory.io/wp-content/uploads/2020/03/Volusion_img1.png?w=1024&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2f6842584cb42fc1caa0c1baed0303d6a3ddfb62d68a66c4332e84ba6c295f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 8
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 763999
last-modified: Thu, 12 Mar 2020 15:12:56 GMT
server: nginx
etag: "60d7af47d0130dde"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2020/03/Volusion_img1.png>; rel="canonical"
content-length: 116988
expires: Sun, 13 Mar 2022 03:12:56 GMT

GET
H2 200 Volusion_img2.png
i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/03/ 14 KB
15 KB 16ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/03/Volusion_img2.png?resize=1024%2C507&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

7b534680c255c3476e304a99cba262c072259a62b96ddd75627e9c7e12cc45b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 3
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 49273
last-modified: Thu, 12 Mar 2020 15:12:57 GMT
server: nginx
etag: "c16384c2154f8d10"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2020/03/Volusion_img2.png>; rel="canonical"
content-length: 14650
expires: Sun, 13 Mar 2022 03:12:57 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
geminiadvisory.io/wp-includes/js/ 14 KB
5 KB 255ms
106ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Wed, 13 Nov 2019 00:00:06 GMT
Server: Apache/2.4.25 (Debian)
ETag: "362a-5972f0c1f1a44-gzip"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4626
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=97

GET
H2 200 Wawa_AI.jpg
i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/01/ 13 KB
13 KB 16ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/01/Wawa_AI.jpg?resize=200%2C200&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

53d0034165bbac8b0946dce43feab7cf717241accdc77cf781827777018acd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 1
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 7030
last-modified: Tue, 03 Mar 2020 07:29:58 GMT
server: nginx
etag: "f086c70183b8a50a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2020/01/Wawa_AI.jpg>; rel="canonical"
content-length: 13338
expires: Thu, 03 Mar 2022 19:29:58 GMT

GET
H2 200 AU_AI.png
i2.wp.com/geminiadvisory.io/wp-content/uploads/2019/10/ 3 KB
3 KB 16ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/geminiadvisory.io/wp-content/uploads/2019/10/AU_AI.png?resize=200%2C200&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

75f792f7f84564474e9e764253c0956fe34f10cde9757605ec6754e5cf0c14bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 7
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 48413
last-modified: Tue, 03 Mar 2020 07:29:58 GMT
server: nginx
etag: "2bb7ca09b2ce55bf"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2019/10/AU_AI.png>; rel="canonical"
content-length: 3250
expires: Thu, 03 Mar 2022 19:29:58 GMT

GET
H2 200 Click2Gov_img.jpg
i0.wp.com/geminiadvisory.io/wp-content/uploads/2019/09/ 12 KB
12 KB 17ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2019/09/Click2Gov_img.jpg?resize=200%2C200&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f49c9ef7a337e42302b9ac62d964d9851ac871906d9a6160388e54fdc399f6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 8
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 5803
last-modified: Tue, 03 Mar 2020 07:29:58 GMT
server: nginx
etag: "95f6ce15ade62f02"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2019/09/Click2Gov_img.jpg>; rel="canonical"
content-length: 12320
expires: Thu, 03 Mar 2022 19:29:58 GMT

GET
H2 200 SouthKoreaBlog_Banner.png
i0.wp.com/geminiadvisory.io/wp-content/uploads/2019/08/ 4 KB
4 KB 18ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2019/08/SouthKoreaBlog_Banner.png?resize=200%2C200&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5585c1ece1d1b2a53ef1eeee44d3deedde882279de0395f9f334b5b8e4b789f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 8
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 44507
last-modified: Tue, 03 Mar 2020 07:29:58 GMT
server: nginx
etag: "79819bb92a967d39"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2019/08/SouthKoreaBlog_Banner.png>; rel="canonical"
content-length: 4350
expires: Thu, 03 Mar 2022 19:29:58 GMT

GET
H2 200 geminy-advisory-logo-dark.png
i2.wp.com/geminiadvisory.io/wp-content/uploads/2017/09/ 2 KB
2 KB 15ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/geminiadvisory.io/wp-content/uploads/2017/09/geminy-advisory-logo-dark.png?fit=106%2C34&ssl=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6afc1c9c84d077197a22166248b95e479f268bc6c3c7ef84d23e69d4b14f4f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 6
date: Fri, 13 Mar 2020 17:50:58 GMT
x-content-type-options: nosniff
x-bytes-saved: 224
last-modified: Wed, 26 Feb 2020 09:21:01 GMT
server: nginx
etag: "cb70eb8fb68712bc"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2017/09/geminy-advisory-logo-dark.png>; rel="canonical"
content-length: 1752
expires: Fri, 25 Feb 2022 21:21:01 GMT

GET
H/1.1 200
OK icon-linkedin.png
staging.geminiadvisory.io/wp-content/uploads/2017/10/ 276 B
623 B 369ms
105ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staging.geminiadvisory.io/wp-content/uploads/2017/10/icon-linkedin.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

cdb8a856a5421388d03c75a0e9e89908e4f9e27d892bd8e7a967b58e29f82839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Oct 2017 03:10:46 GMT
Server: Apache/2.4.25 (Debian)
ETag: "114-55c5666d91980"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 276

GET
H/1.1 200
OK icon-youtube.png
staging.geminiadvisory.io/wp-content/uploads/2017/10/ 300 B
647 B 369ms
105ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staging.geminiadvisory.io/wp-content/uploads/2017/10/icon-youtube.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

92538cb558af3071ad00f74ce2eb989b7591d17d8f19136ef50eb78da2d17bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Oct 2017 03:10:47 GMT
Server: Apache/2.4.25 (Debian)
ETag: "12c-55c5666e85bc0"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 300

GET
H/1.1 200
OK twitter.png
staging.geminiadvisory.io/wp-content/uploads/2018/06/ 1 KB
2 KB 370ms
104ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staging.geminiadvisory.io/wp-content/uploads/2018/06/twitter.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

33e4a448193342cf2037d824fbd53ff35c4d873b1acfa693cd95fc4e63bab88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Jun 2018 18:36:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "534-56e62064930f6"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1332

GET
H/1.1 200
OK facebook.png
staging.geminiadvisory.io/wp-content/uploads/2018/06/ 1 KB
2 KB 372ms
105ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staging.geminiadvisory.io/wp-content/uploads/2018/06/facebook.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

06b800583aa8ab104214f0288fd3baeb186b4997dfa913d232eb3b683001e94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Jun 2018 18:36:14 GMT
Server: Apache/2.4.25 (Debian)
ETag: "55b-56e6206456821"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1371

GET
H/1.1 200
OK 38215.js Show response
geminiadvisory.io/wp-content/cache/minify/ 755 B
877 B 296ms
187ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/38215.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

dc844732bd61279e509bda7247ed7fca55e5fced96db9c79eed48ca084e5ce0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 419
Keep-Alive: timeout=5, max=100
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 20 KB
7 KB 26ms
6ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=2020Maraa
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 17:50:58 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 15:01:14 GMT
server: nginx
etag: W/"5b7ecc3a-50bc"
content-type: application/javascript
status: 200
cache-control: max-age=604800
expires: Fri, 20 Mar 2020 17:50:58 GMT

GET
H/1.1 200
OK 45e6a.js Show response
geminiadvisory.io/wp-content/cache/minify/ 58 KB
17 KB 198ms
196ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/45e6a.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

625469519d7f8e6a573c86b45f52631c740678003e6e43a669cebebaa8c53912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 17049
Keep-Alive: timeout=5, max=96
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H/1.1 200
OK cbb88.js Show response
geminiadvisory.io/wp-content/cache/minify/ 10 KB
5 KB 186ms
185ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/cbb88.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

d3bafe0eb0d0dd3704b93ce6c662be5f789d518fc27b07a4d53619449887da50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4168
Keep-Alive: timeout=5, max=99
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H/1.1 200
OK ca952.js Show response
geminiadvisory.io/wp-content/cache/minify/ 45 KB
14 KB 146ms
146ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/ca952.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

2d95865a79047fdec7601e7657b428fc36e2414828942c34167fd404ac63d5e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 14172
Keep-Alive: timeout=5, max=95
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H/1.1 200
OK d6089.js Show response
geminiadvisory.io/wp-content/cache/minify/ 8 KB
3 KB 144ms
144ms Script
application/x-javascript 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/cache/minify/d6089.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

1e99034e4b75a1fb7ba372a3a950fa19ff4688d8561479b1a34dfcbde83ff3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: private
Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 04 Mar 2020 00:00:07 GMT
Server: Apache/2.4.25 (Debian)
ETag: "pri1583280007;gz"
X-Frame-Options: sameorigin
Content-Type: application/x-javascript; charset=utf-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 2609
Keep-Alive: timeout=5, max=98
Expires: Sat, 13 Mar 2021 17:50:58 GMT

GET
H2 200 e-202011.js Show response
stats.wp.com/ 9 KB
3 KB 48ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202011.js
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 17:50:58 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 08 Mar 2021 06:29:46 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 80 KB
26 KB 51ms
31ms Script
application/javascript 2606:4700:10::6814:6f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 17:50:58 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 115716
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Sat, 01 Feb 2020 08:08:40 GMT
server: cloudflare
etag: W/"13f93-59d7f32b0419d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-ray: 573799b21f9c96e0-FRA
cf-bgj: minify

GET
H/1.1 200
OK spherical-points.png
geminiadvisory.io/wp-content/themes/geminiadvisory/img/ 89 KB
90 KB 105ms
105ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiadvisory.io/wp-content/themes/geminiadvisory/img/spherical-points.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

6d64d0ea587f2614d2368c283dce71ab9a0b93814c3703890f46f6253440ae01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/wp-content/cache/minify/932e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Referrer-Policy
Last-Modified: Mon, 28 May 2018 13:29:29 GMT
Server: Apache/2.4.25 (Debian)
ETag: "164aa-56d441b78b605"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 91306
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK panel-bg-sphere.png
geminiadvisory.io/wp-content/themes/geminiadvisory/img/ 17 KB
17 KB 106ms
106ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiadvisory.io/wp-content/themes/geminiadvisory/img/panel-bg-sphere.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

cef397e6c344ae763be741348c8190adff9630e9bf925cdd6600b32e2d51cbe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/wp-content/cache/minify/932e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Referrer-Policy
Last-Modified: Mon, 28 May 2018 13:29:26 GMT
Server: Apache/2.4.25 (Debian)
ETag: "4367-56d441b4ca45b"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 17255
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK icon-magnifying-glass.png
geminiadvisory.io/wp-content/themes/geminiadvisory/img/ 770 B
1 KB 106ms
105ms Image
image/png 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiadvisory.io/wp-content/themes/geminiadvisory/img/icon-magnifying-glass.png

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

18e396646d7e3889dcba2b001ecf42cc7c2b13e5cd2dd56df4e70d23481e3b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/wp-content/cache/minify/932e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Referrer-Policy
Last-Modified: Mon, 28 May 2018 13:29:25 GMT
Server: Apache/2.4.25 (Debian)
ETag: "302-56d441b40117d"
X-Frame-Options: sameorigin
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 770
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
DATA 200
OK truncated
/ 189 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73182bafcf4ff93c9483801f29e8b0ad3020245a93bfa1d1de52311d274607eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK preloader-2.gif
geminiadvisory.io/wp-content/themes/geminiadvisory/img/ 36 KB
36 KB 109ms
106ms Image
image/gif 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiadvisory.io/wp-content/themes/geminiadvisory/img/preloader-2.gif

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

3dc63758bebd4ae5516af8c9f8938f3cd6e28a46285664bd4e2548798eae0b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/wp-content/cache/minify/932e9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Referrer-Policy
Last-Modified: Mon, 28 May 2018 13:29:27 GMT
Server: Apache/2.4.25 (Debian)
ETag: "8e62-56d441b5d2ee3"
X-Frame-Options: sameorigin
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 36450
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 01:33:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 749834
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13640
x-xss-protection: 0
expires: Fri, 05 Mar 2021 01:33:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:43:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:37 GMT
server: sffe
age: 3690437
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13560
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:43:41 GMT

GET
H/1.1 200
OK fontello.woff2
geminiadvisory.io/wp-content/themes/geminiadvisory/assets/icons/font/ 2 KB
3 KB 106ms
106ms Font
application/font-woff2 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/wp-content/themes/geminiadvisory/assets/icons/font/fontello.woff2?61985234

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

9a4d92c9cfd9d8c39781680a21c616f171da4ff10b0d2c9d5aad92c640f80605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://geminiadvisory.io/wp-content/cache/minify/932e9.css
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
Content-Encoding: gzip
Referrer-Policy
Server: Apache/2.4.25 (Debian)
ETag: "93c-56b5293a3a169-gzip"
X-Frame-Options: sameorigin
Content-Type: application/font-woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2387
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=97

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:00:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 1529437
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:00:21 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:19:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 261111
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:19:07 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1545420
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:33:58 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 262210
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%7COpen+Sans%3A300%2C400%2C500%2C600%2C700&ver=20151215
Origin: https://geminiadvisory.io
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 237284
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Wed, 10 Mar 2021 23:56:14 GMT

GET
DATA 200
OK truncated
/ 18 KB
18 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c

Request headers

Origin: https://geminiadvisory.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 master.html
widgets.wp.com/likes/ Frame 9693 0
0 57ms
13ms Document
text/html 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.wp.com/likes/master.html?ver=202011
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: widgets.wp.com
:scheme: https
:path: /likes/master.html?ver=202011
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Response headers

status: 200
server: nginx
date: Fri, 13 Mar 2020 17:50:59 GMT
content-type: text/html
last-modified: Thu, 21 Mar 2019 13:37:08 GMT
vary: Accept-Encoding
etag: W/"5c939384-84e"
content-encoding: gzip
x-ac: 2.ams _dfw
x-nc: HIT ams 2

GET
H/1.1 200
OK / Show response
geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/ 3 KB
3 KB 140ms
140ms XHR
application/json 35.196.155.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/?relatedposts=1

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/wp-content/cache/minify/df983.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.196.155.22 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

22.155.196.35.bc.googleusercontent.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e442fb9e1d7e0c78a173f2a691d2a892216b0928cf2f436aa1678ebbf2ecdc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Mar 2020 17:50:58 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.25 (Debian)
X-Frame-Options: sameorigin
X-Pingback: https://geminiadvisory.io/xmlrpc.php
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H2 200 hovercard.min.css
secure.gravatar.com/dist/css/ 7 KB
2 KB 6ms
5ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/hovercard.min.css?ver=2020Maraa
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/wp-content/cache/minify/df983.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 13 Mar 2020 17:50:59 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-1a2e"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Fri, 20 Mar 2020 17:50:59 GMT

GET
H2 200 services.min.css
secure.gravatar.com/dist/css/ 3 KB
564 B 6ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/services.min.css?ver=2020Maraa
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/wp-content/cache/minify/df983.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 13 Mar 2020 17:50:59 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Fri, 20 Mar 2020 17:50:59 GMT

GET
H2 200 / Show response
graph.facebook.com/ 224 B
607 B 53ms
41ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fgeminiadvisory.io%2Fbreached-volusion-card-data-surfaces-in-dark-web%2F&_=1584121858874

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/wp-content/cache/minify/df983.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2ad2bcc4b0ef52986c4bd42962601e4d19dc523d925a435c7c473ec0d15d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 13 Mar 2020 17:50:59 GMT, Fri, 13 Mar 2020 17:50:59 GMT
x-fb-rev: 1001836724
alt-svc: h3-27=":443"; ma=3600
content-length: 135
pragma: no-cache
x-fb-debug: FcNoRswG1ONtIF6wQEdmtFq61Ddy2SiwDfFxS5Cd21EnVqVWUIQSPyhNtmAaojpA63IcKlPPC7zqCMoeyeCEYA==
x-fb-trace-id: Epc9B0IO0Id
etag: "6784545fb6ed39145075e964e3724f922df91e5e"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AlMHJ_Jrk2UcD3kLV-0tc7f
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 14ms
13ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.9979946505844339
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Fri, 13 Mar 2020 17:50:59 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 13ms
13ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.3&blog=138142990&post=813&tz=-4&srv=geminiadvisory.io&host=geminiadvisory.io&ref=&fcp=1298&rand=0.030131981633034544
Requested by: Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Fri, 13 Mar 2020 17:50:59 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 sm.22.html
static.addtoany.com/menu/ Frame 2F43 0
0 13ms
12ms Document
text/html 2606:4700:10::6814:6f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.22.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.addtoany.com
:scheme: https
:path: /menu/sm.22.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Response headers

status: 200
date: Fri, 13 Mar 2020 17:50:59 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d1f193a0b8e5f1e8fbb3c1709ac579d891584121859; expires=Sun, 12-Apr-20 17:50:59 GMT; path=/; domain=.addtoany.com; HttpOnly; SameSite=Lax; Secure
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Thu, 03 Oct 2019 06:59:00 GMT
etag: W/"70f-593fc1ec1791b"
cache-control: max-age=315360000, immutable
age: 634120
vary: Accept-Encoding
via: e5s
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 573799b328a796e0-FRA
content-encoding: br

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 18ms
18ms Script
application/javascript 2606:4700:10::6814:6f27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:6f27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 13 Mar 2020 17:50:59 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3055650
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-ray: 573799b328af96e0-FRA
cf-bgj: minify

GET
H2 200 pakistan-banner.png
i1.wp.com/geminiadvisory.io/wp-content/uploads/2019/03/ 4 KB
4 KB 14ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/geminiadvisory.io/wp-content/uploads/2019/03/pakistan-banner.png?fit=860%2C430&ssl=1&resize=350%2C200

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a125edbb8d0dd014ab0f196f6c10b3c353a62237e29293975519999302e3646d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 8
date: Fri, 13 Mar 2020 17:50:59 GMT
x-content-type-options: nosniff
x-bytes-saved: 46707
last-modified: Wed, 04 Mar 2020 17:12:49 GMT
server: nginx
etag: "9d813df57a2b4e12"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2019/03/pakistan-banner.png>; rel="canonical"
content-length: 4352
expires: Sat, 05 Mar 2022 05:12:49 GMT

GET
H2 200 Wawa_AI.jpg
i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/01/ 19 KB
20 KB 16ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2020/01/Wawa_AI.jpg?fit=1200%2C800&ssl=1&resize=350%2C200

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

49cd7b9c6f6f7bdd027b881d7fd23a33116c726c036212201f2d249abe757e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 1
date: Fri, 13 Mar 2020 17:50:59 GMT
x-content-type-options: nosniff
x-bytes-saved: 12283
last-modified: Wed, 04 Mar 2020 17:12:49 GMT
server: nginx
etag: "e26187f25de12c9a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2020/01/Wawa_AI.jpg>; rel="canonical"
content-length: 19864
expires: Sat, 05 Mar 2022 05:12:49 GMT

GET
H2 200 SouthKoreaBlog_Banner.png
i0.wp.com/geminiadvisory.io/wp-content/uploads/2019/08/ 8 KB
8 KB 18ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geminiadvisory.io/wp-content/uploads/2019/08/SouthKoreaBlog_Banner.png?fit=860%2C430&ssl=1&resize=350%2C200

Requested by

Host: geminiadvisory.io
URL: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

61afcf827f6ff9da47702d5aaa287e2d604010d11f17ebfa4f4d59ecbeaf9623

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT ams 8
date: Fri, 13 Mar 2020 17:50:59 GMT
x-content-type-options: nosniff
x-bytes-saved: 81891
last-modified: Tue, 10 Mar 2020 08:27:56 GMT
server: nginx
etag: "41646d31ff08bfc1"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://geminiadvisory.io/wp-content/uploads/2019/08/SouthKoreaBlog_Banner.png>; rel="canonical"
content-length: 8220
expires: Thu, 10 Mar 2022 20:27:56 GMT

GET
H2 200 / Show response
graph.facebook.com/ 123 B
307 B 37ms
37ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?fields=og_object%7Bengagement%7D&id=https%3A%2F%2Fgeminiadvisory.io%2Fbreached-volusion-card-data-surfaces-in-dark-web%2F&callback=a2a.counters.facebook.cb1

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68ee98b7df9d1660f8a7bfd15f172f1e825f4cfbc5e23fc10ceeebb3bdfe8ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://geminiadvisory.io/breached-volusion-card-data-surfaces-in-dark-web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 13 Mar 2020 17:50:59 GMT, Fri, 13 Mar 2020 17:50:59 GMT
x-fb-rev: 1001836724
alt-svc: h3-27=":443"; ma=3600
content-length: 123
pragma: no-cache
x-fb-debug: eB9o/iMxdy820CwwavvDOCvP8VcwsendknnK06eKprfkDg0Rx6kwpxopLxrPSxCN1ly1ujP17KWaNtpW34Hvyw==
x-fb-trace-id: BGEBhaXyOfh
etag: "7580de6efd54201079be39cce352ab46568083d2"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AFazSY0wcRa4FeqhTR2eiDh
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.addtoany.com/	1970-01-19 08:03:28	Name: uvc Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://geminiadvisory.io/wp-content/cache/minify/df983.js(Line 4) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
geminiadvisory.io
graph.facebook.com
i0.wp.com
i1.wp.com
i2.wp.com
pixel.wp.com
secure.gravatar.com
staging.geminiadvisory.io
static.addtoany.com
stats.wp.com
widgets.wp.com
192.0.76.3
192.0.77.2
192.0.77.32
2606:4700:10::6814:6f27
2a00:1450:4001:814::2003
2a00:1450:4001:821::200a
2a03:2880:f02d:e:face:b00c:0:2
2a04:fa87:fffe::c000:4902
35.196.155.22
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
06b800583aa8ab104214f0288fd3baeb186b4997dfa913d232eb3b683001e94b
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
18e396646d7e3889dcba2b001ecf42cc7c2b13e5cd2dd56df4e70d23481e3b32
19530de1d8f72a7b733c1d1e0195482810d00992b0b0d3c928d789f9bf1a22cb
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e99034e4b75a1fb7ba372a3a950fa19ff4688d8561479b1a34dfcbde83ff3d8
2d95865a79047fdec7601e7657b428fc36e2414828942c34167fd404ac63d5e2
2f6842584cb42fc1caa0c1baed0303d6a3ddfb62d68a66c4332e84ba6c295f42
3153239c39a5632d7e7d27fb8927e0d259e67c88a1d4f932ae01ba8e047c5ffb
33e4a448193342cf2037d824fbd53ff35c4d873b1acfa693cd95fc4e63bab88c
39727e2a55ce3d3b3d0bb5e239bb095af2929f2a3ad0dd55010fa487452cbaab
3dc63758bebd4ae5516af8c9f8938f3cd6e28a46285664bd4e2548798eae0b41
49cd7b9c6f6f7bdd027b881d7fd23a33116c726c036212201f2d249abe757e27
53d0034165bbac8b0946dce43feab7cf717241accdc77cf781827777018acd81
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54ca908ba70e96295614c70dc2644d73617efbea0c423fae48b63a2ac559a5ee
5585c1ece1d1b2a53ef1eeee44d3deedde882279de0395f9f334b5b8e4b789f8
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056
61afcf827f6ff9da47702d5aaa287e2d604010d11f17ebfa4f4d59ecbeaf9623
625469519d7f8e6a573c86b45f52631c740678003e6e43a669cebebaa8c53912
68ee98b7df9d1660f8a7bfd15f172f1e825f4cfbc5e23fc10ceeebb3bdfe8ddd
6afc1c9c84d077197a22166248b95e479f268bc6c3c7ef84d23e69d4b14f4f3d
6d64d0ea587f2614d2368c283dce71ab9a0b93814c3703890f46f6253440ae01
73182bafcf4ff93c9483801f29e8b0ad3020245a93bfa1d1de52311d274607eb
75f792f7f84564474e9e764253c0956fe34f10cde9757605ec6754e5cf0c14bc
7b534680c255c3476e304a99cba262c072259a62b96ddd75627e9c7e12cc45b1
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c
92538cb558af3071ad00f74ce2eb989b7591d17d8f19136ef50eb78da2d17bcd
930e447c8dbcec3c51e894e10d821a5109cdf1e8227fa6507a2b21917fdd3af7
9a4d92c9cfd9d8c39781680a21c616f171da4ff10b0d2c9d5aad92c640f80605
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
a125edbb8d0dd014ab0f196f6c10b3c353a62237e29293975519999302e3646d
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
b1d632e14af12052c0c8a9aa8146b6fa2dfb36ce81d8c0ce04804db0bcd1f2a9
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c2ad2bcc4b0ef52986c4bd42962601e4d19dc523d925a435c7c473ec0d15d274
cd74239c500831bb7c01adf6f10b480a61294a6045bcaefc8845f19d28fa6d2f
cdb8a856a5421388d03c75a0e9e89908e4f9e27d892bd8e7a967b58e29f82839
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
cef397e6c344ae763be741348c8190adff9630e9bf925cdd6600b32e2d51cbe5
d3bafe0eb0d0dd3704b93ce6c662be5f789d518fc27b07a4d53619449887da50
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dc844732bd61279e509bda7247ed7fca55e5fced96db9c79eed48ca084e5ce0a
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e442fb9e1d7e0c78a173f2a691d2a892216b0928cf2f436aa1678ebbf2ecdc92
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f49c9ef7a337e42302b9ac62d964d9851ac871906d9a6160388e54fdc399f6c5

geminiadvisory.io Open in urlscan Pro 35.196.155.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

56 %IPv6

7 Domains

13 Subdomains

10 IPs

3 Countries

713 kBTransfer

1199 kBSize

1 Cookies

13 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

geminiadvisory.io Open in urlscan Pro
35.196.155.22 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

13
Subdomains

10
IPs

3
Countries

713 kB
Transfer

1199 kB
Size

1
Cookies

53 HTTP transactions
3 data transactions