urlscan.io logo urlscan.io
SecurityTrails logo

privatesale.gems.vip Open in urlscan Pro
2606:4700:20::681a:7bb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://privatesale.gems.vip/
Effective URL: https://privatesale.gems.vip/
Submission: On August 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 30 HTTP transactions. The main IP is 2606:4700:20::681a:7bb, located in United States and belongs to CLOUDFLARENET, US. The main domain is privatesale.gems.vip.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.
This is the only time privatesale.gems.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 158.180.31.66 31898 (ORACLE-BM...)
1 3.73.104.221 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
30 12
11    2606:4700:20::681a:7bb (United States)

ASN13335 (CLOUDFLARENET, US)
privatesale.gems.vip
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    158.180.31.66 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)
cold-responsive-friday.quiknode.pro
1    3.73.104.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-104-221.eu-central-1.compute.amazonaws.com
ip.nf
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:20::681a:6d6 (United States)

ASN13335 (CLOUDFLARENET, US)
api.iplocation.net
1    2606:4700:20::681a:6bb (United States)

ASN13335 (CLOUDFLARENET, US)
prod-api.gems.vip
Apex Domain
Subdomains		 Transfer
12 gems.vip
privatesale.gems.vip
prod-api.gems.vip
879 KB
7 quiknode.pro
cold-responsive-friday.quiknode.pro
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
964 B
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
39 KB
1 iplocation.net
api.iplocation.net — Cisco Umbrella Rank: 212290
721 B
1 gstatic.com
fonts.gstatic.com
22 KB
1 ip.nf
ip.nf — Cisco Umbrella Rank: 412999
472 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
24 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
31 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
13 KB
30 11
Domain Requested by
11 privatesale.gems.vip privatesale.gems.vip
7 cold-responsive-friday.quiknode.pro privatesale.gems.vip
2 fonts.googleapis.com privatesale.gems.vip
2 maxcdn.bootstrapcdn.com privatesale.gems.vip
1 prod-api.gems.vip privatesale.gems.vip
1 api.iplocation.net privatesale.gems.vip
1 fonts.gstatic.com fonts.googleapis.com
1 ip.nf privatesale.gems.vip
1 cdnjs.cloudflare.com privatesale.gems.vip
1 code.jquery.com privatesale.gems.vip
1 cdn.jsdelivr.net privatesale.gems.vip
1 use.fontawesome.com privatesale.gems.vip
30 12

This site contains no links.

Subject Issuer Validity Valid
gems.vip
WE1		 2024-08-10 -
2024-11-08		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.quiknode.pro
E6		 2024-06-21 -
2024-09-19		 3 months crt.sh
ip.nf
R11		 2024-08-14 -
2024-11-12		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
iplocation.net
WE1		 2024-07-18 -
2024-10-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://privatesale.gems.vip/
Frame ID: 26545A836EB5A6870DED42F5E5B198E0
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gems Privatesale

Page URL History Show full URLs

  1. http://privatesale.gems.vip/ HTTP 307
    https://privatesale.gems.vip/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

30
Requests

100 %
HTTPS

83 %
IPv6

11
Domains

12
Subdomains

12
IPs

2
Countries

1019 kB
Transfer

3938 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://privatesale.gems.vip/ HTTP 307
    https://privatesale.gems.vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
privatesale.gems.vip/
Redirect Chain
  • http://privatesale.gems.vip/
  • https://privatesale.gems.vip/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904f27ce2c79f32880d9d25e674ef51cb0f68f8cb06ea98cf57ce87d500a6093

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b4965ca2a8c91e9-FRA
content-disposition
inline; filename="index.html"
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 11:41:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2BIXgEh5qEcBOjiDbo1v0qs5fDm%2FfSN2IWajgVgIATvd4CPXSl%2BAZ5AXWc7gGft435UG4%2BauAU8gpkV7S7Cg1X5NqmEKweNk2eecCrToC8ShfdHsuEEQ4K3S5NkfT7e%2FwXBX663LsYX6sgqg%2B9QAgB%2FM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://privatesale.gems.vip/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
754519
cdn-cachedat
03/18/2024 12:51:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
442b942f6f1eb77402c27fa8cb332a6d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b4965ce5b0f2bdd-FRA
cdn-requestpullsuccess
True
all.css
use.fontawesome.com/releases/v5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

Referer
https://privatesale.gems.vip/
Origin
https://privatesale.gems.vip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
109895
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wA7jVLQ0kMuShi7qwTZoiXe3sv2qWZzuNvkd%2F6EOsRfK8WngSBgqezvOa5lBR8EEqkLUyo8ucc0rqN9OeEe9iIpTHf7M%2BAGRy2bxeMUqB4Op%2FbvM4xb2YJDB4LtWy5YCY1LJQ8xa%2BgaDrmo1jdSNV%2FTx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8b4965ce6e8a9031-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		6 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@300;400;500;600;700&display=swap
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40aadfc220e1fd00a778f6fe077c587a5754b3af605f4db38f6366c1c78f3e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 11:22:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 11:41:54 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 		227 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatesale.gems.vip/
Origin
https://privatesale.gems.vip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9070493
x-jsd-version
5.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31168
x-served-by
cache-fra-eddf8230088-FRA, cache-lga21947-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P43jNwwd9OxCj5uZ6RAlejhhkejpjN1Lxgrvud29CHX1%2F01q2IkNKMuP28DoZ7HLUamNbZ2R4JLvC5MwYrWQR4IdCBzn6ra4VetO4qLK937U7EFXCyd%2BqaDBJZBxyCSMGj289wv2xvlXURXoWj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b4965ce7e104dc4-FRA
3.b28305bc.chunk.css
privatesale.gems.vip/static/css/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privatesale.gems.vip/static/css/3.b28305bc.chunk.css
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753f838ae53eac0bc6c51ee079caef9f221b00ae24c658b37310ab1eb8be0122

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65dd115045765141740d0a565c3b2da27002d543"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUtycycvEIYy6Po9S5UiqJfFFTBR2o0wPFgrc0T5TFVaobVho5r4wnOCDlXJwCVsVBsuc3g7jSzM%2BnScbxbtxC5Dve3STuYN7UFkfvW8eNUAF6J922HkNXTZAYN21XaZoZAa%2B2xJiKRkffS1TxKgcYOc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename="3.b28305bc.chunk.css"
cf-ray
8b4965ce281391e9-FRA
main.d8565078.chunk.css
privatesale.gems.vip/static/css/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://privatesale.gems.vip/static/css/main.d8565078.chunk.css
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc51c21f6b1a316c79a9a2709a7b1aedc3be7a2bb20e62deb868e5091ae796e

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d35095d21971538c8941ed378199510b2bc1e758"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2Fuhr3%2B29%2Ft2i4Ehc815Zs2HomH2IA%2BmkLwIf50VGa5jNxYflYmvOoS%2BUFbzT%2Fr75ubXQDJKs1p7VbpMqCVUyuEmL%2FhuaN6raqVSwBu14ofE%2FSZVxSZ%2FZhpGaSEbakjCVyWYDeUOO4qNwXlAs3m9HiZW"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename="main.d8565078.chunk.css"
cf-ray
8b4965ce281591e9-FRA
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
350913
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
23856
x-served-by
cache-lga21963-LGA, cache-fra-etou8220071-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1723894914.309907,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 5910
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
146315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QToX18S5saTuqXZRPUs5irr1P3OuzyUUiSjl%2BFarce6rWYQW2KmllAVM3sALlM%2BqP8aSfXU329txkXxW0omyCmtivpcgONANKn7CNsMIN7KllptmSaEncad%2BoOOwYM8VJmWM9TvOON58qbP3lDKouy%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b4965ce5cbb914c-FRA
expires
Thu, 07 Aug 2025 11:41:54 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11295887
cdn-cachedat
03/18/2024 12:46:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e3f3bfe1b89f7f16a5a4802a3640b8c7
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8b4965ce5b132bdd-FRA
cdn-requestpullsuccess
True
3.55d00752.chunk.js
privatesale.gems.vip/static/js/ 		3 MB
776 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e547fbf932daa8f844fa15839fbea6958fae1273930f065675bd10050054739b

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f777efacb47f4422a54c73075a5eba112136fa95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qcjr05IBdQ6m8Dcv9vFpYurLWvKsy9p7G3XfI9Zd%2FcDK78%2Fz2MJABFhYQwU%2FZtCPKKfea8hgDD6fQXavc%2B0xeT3cFJsb6GRoUIEQ2aVfZ36n6WRDYaXX6S76%2F7ltJzU%2FTcFawZ%2FBpQA%2FEx1Qr9KvMYJk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename="3.55d00752.chunk.js"
cf-ray
8b4965ce281a91e9-FRA
main.30fc42f8.chunk.js
privatesale.gems.vip/static/js/ 		377 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privatesale.gems.vip/static/js/main.30fc42f8.chunk.js
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dffa96889c1b499f02e302bd145f0b11c3f8b5faf6fee5fb6313e778e7d59d

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1c41d03fb4ad340e6ad1c77d8a35b1a56687daf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCkeJwiNDSmHitdt%2BejIpX14kK5UVYB5dORYtalzaT3foL7Cf5UHJoY5zb%2FduqD%2BNnoz4pbUQaqGzRMjSN9HcL0DyfXuV9G6d6JwlqE%2F16QDbASYmkFxlpMh42mdkpyto3SqENOeTdL4ItMl20IoF%2BYi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename="main.30fc42f8.chunk.js"
cf-ray
8b4965ce281b91e9-FRA
css2
fonts.googleapis.com/ 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@300;400;500;600;700&display=swap
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/css/main.d8565078.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40aadfc220e1fd00a778f6fe077c587a5754b3af605f4db38f6366c1c78f3e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 11:22:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 11:41:54 GMT
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://privatesale.gems.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,User-Agent
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://privatesale.gems.vip
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
x-node-id
ethereum_mainnet_fra
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		118 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f743e3548e50d8a0001320b697c4811b906cbc0017ea943cbfe4809d7a671761

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-node-id
ethereum_mainnet_fra
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://privatesale.gems.vip
access-control-allow-credentials
true
x-host-id
f1b546936d23e3b5-1bdec8d7208d11d7
access-control-allow-headers
Content-Type,Authorization,User-Agent
content-length
118
me.json
ip.nf/ 		239 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip.nf/me.json
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.73.104.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-104-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f92fb3559e9a819b0b73e941ad5cf7000375f908309aaf1e60dabeaed403dce

Request headers

Accept
application/json, text/plain, */*
Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://privatesale.gems.vip
date
Sat, 17 Aug 2024 11:41:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
content-length
239
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
leftimg.png
privatesale.gems.vip/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatesale.gems.vip/assets/leftimg.png
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb4cb8c6f3b224c88715c9dcc0ca7ccf74a54015bcd2a33cc419135c8b27450

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:55 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9c6d7fd69993c42e19f75ee78f4a8a05e4d5100d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAwVBbqbRCyh19wSgVksXk2D6KUIOY%2BK27ncC4%2BRSIdjseYYeikJybI5twkf8XQhmzBotmT2OQeK323%2BTEDPdLV4FOeEJjpeAbMa%2BC5e%2FJWfTR2WZlPAatluM215tiH4T7bE%2BrdMqdkYkMSRcKtFoqtM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
content-disposition
inline; filename="leftimg.png"
accept-ranges
bytes
cf-ray
8b4965d31ec591e9-FRA
content-length
1206
rightimg.png
privatesale.gems.vip/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatesale.gems.vip/assets/rightimg.png
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39cb8f2a7112b042fb7428829c0cdb535a70bee874d20a63069463143e96d8fc

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:55 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"72b0305ef046aedb7501add7d7da1e7a7089f176"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDXNwtax2Pq8V0U%2F2kdAIqdDgz5kaSY5rwEv0xwOSvKULCMHML1LpT7BBrIEF5zg4Qwjgzp%2FC3AHzmFKNbIHha%2BI%2Bmh345U7FHoshMmLSI4wxiqfIPIp85rp%2FMezFKjVDMVbvPiMAe2AYwU7p2%2FFgCYG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
content-disposition
inline; filename="rightimg.png"
accept-ranges
bytes
cf-ray
8b4965d31ecb91e9-FRA
content-length
1175
logo.svg
privatesale.gems.vip/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatesale.gems.vip/logo.svg
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14aa3bdfa2dfa5e3c82462b58ae7388a7c39958e5b633a27f08d745a351b1aa

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3691f3bff1d3d24e6b02e9ddda5feeae8949544f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SC7u9895AamPC38SsjtFh39jKW23SM8OX2H7XE4GsXDjI7Z3fuMSuTWMHv0HhCPqu6YlHRrDNgvZAmrJdZ5DC%2BLIEjwlLk0srzzVDs9E0GV2GltXjqVS4V4McZOa%2FBw%2FFZwz5k5GEcZRRdfsmYLOFhl0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
content-disposition
inline; filename="logo.svg"
cf-ray
8b4965d31ed091e9-FRA
newincentivlogo.svg
privatesale.gems.vip/assets/ 		827 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatesale.gems.vip/assets/newincentivlogo.svg
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e5882351ca19ebeab8a2f2a15cc74d3c1527120cb8526ed4b237acaf0ac32f

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:55 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"08e70c254d4168a401f487e30064e293a5f0c197"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUROOnlbmSYOy8GxlWVl%2BohnIkxDmCKXHltKTh4TKFUS3ubv6KDBE3llazThp71NBk5ErwfIi%2BwA%2BPjB01j7JWsPQnX6vKAaDiNLz9v4YsLsNzZZl3CmwTkQhFV%2BhEYI%2Fxuh0IKY4JEoj0NPz6LUcRtX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
content-disposition
inline; filename="newincentivlogo.svg"
cf-ray
8b4965d31ed891e9-FRA
mainloader.svg
privatesale.gems.vip/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privatesale.gems.vip/mainloader.svg
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a63f7a454f0cd4e36cb18df07822533d74e6352d5f38d3b6c9ac6e8381753a

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7e526030453dbe388f000ee668366b60284f80d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BP96WkxA87P3PnN7424GfUaplhbm8tCl1SOEPaARf%2Fit0rsaqxi00KDOhn%2BlxFx%2Fz7nSZ4y3OgopMXJ%2BWaTh5sOQbmp8COgBNm%2FGtITtSznZAG0OZTPuduXJgZTlB7c2h94Bnu9KLFx1JSZ%2FY5T%2FEOwn"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
content-disposition
inline; filename="mainloader.svg"
cf-ray
8b4965d32ee391e9-FRA
V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
fonts.gstatic.com/s/spacegrotesk/v16/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/spacegrotesk/v16/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://privatesale.gems.vip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:03:20 GMT
x-content-type-options
nosniff
age
337115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22284
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:44:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:03:20 GMT
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		246 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
d3724372101feccff7eaa01fd0cc15251ef02a03c3e496d01b48b300924a4fd9

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-node-id
ethereum_mainnet_fra
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://privatesale.gems.vip
access-control-allow-credentials
true
x-host-id
f1b546936d23e3b5-3471b97c08688cea
access-control-allow-headers
Content-Type,Authorization,User-Agent
content-length
246
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		246 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
4c79e76ada788ad4a76bb74ced4e92e08132489667ab73a1ac2e85de3b424965

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-node-id
ethereum_mainnet_fra
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://privatesale.gems.vip
access-control-allow-credentials
true
x-host-id
f1b546936d23e3b5-1f0f85081895f856
access-control-allow-headers
Content-Type,Authorization,User-Agent
content-length
246
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		246 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
9b9eed832f009b7f0726a0708133171d90d3cf6e0b5ae3114943c1079286acbe

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-node-id
ethereum_mainnet_fra
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://privatesale.gems.vip
access-control-allow-credentials
true
x-host-id
f1b546936d23e3b5-d1c132587e666f3
access-control-allow-headers
Content-Type,Authorization,User-Agent
content-length
246
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		246 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
3aa4950d27787210cbb6c354996c6469ab337f0e6e45c958efd6e41e4d2afad8

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-node-id
ethereum_mainnet_fra
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://privatesale.gems.vip
access-control-allow-credentials
true
x-host-id
f1b546936d23e3b5-7ef20e5b950f95aa
access-control-allow-headers
Content-Type,Authorization,User-Agent
content-length
246
/
api.iplocation.net/ 		174 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.iplocation.net/?ip=217.114.215.132
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.19
Resource Hash
c669832699a68eb7a0aa31aa77c1c94f45aba1723576a5e4c8dd9f21ae9e8d13

Request headers

Accept
application/json, text/plain, */*
Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 11:41:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.19
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4kzApAyIScBG36uz4mx4WLja8LYxBEyhO3tvjxGZUpcK7KoIlkVL6lQI9rdM56K2o5IAc6QAq9HkHxU3FUhSlKSTFYnCDwhXA2L8chWB71VT%2FSZEsf0ym5VUgaSSaiAiv6rYiJX6SbCVudW6eV%2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
8b4965d4ad809226-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/ 		246 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cold-responsive-friday.quiknode.pro/15bbbcf85ec27b075486f39524c5741f49222932/
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.180.31.66 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
84ecb90c42245d845ac1b7c305cf49cc7f7287f3d5c7988e643531696dae101f

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-node-id
ethereum_mainnet_fra
date
Sat, 17 Aug 2024 11:41:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://privatesale.gems.vip
access-control-allow-credentials
true
x-host-id
f1b546936d23e3b5-1bdec8d7208d11d7
access-control-allow-headers
Content-Type,Authorization,User-Agent
content-length
246
users
prod-api.gems.vip/sale-rounds/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-api.gems.vip/sale-rounds/users
Requested by
Host: privatesale.gems.vip
URL: https://privatesale.gems.vip/static/js/3.55d00752.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f56b818961fdd30bb59fe3f09a74a7878d42fe8bff0a2abd020b713f3bfc20

Request headers

Accept
application/json, text/plain, */*
Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1c5b-5xJsFKHtEI3uvhUH3dL/pmtc6eM"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnStMk7UYcvrhjpmXWckUIekKSmo%2B%2FKZS1mukmc8btNsyIA52YxL2PVXrExS%2FOSzfLrQ8o7GV0QutMK0%2FTj20EiNeij60QE7y7posQe3b9yoZABXbOislIY%2BhFquMe7sRVv3%2F90j3j2lpC%2Fy6KAQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8b4965d4e90b18ff-FRA
favicon.ico
privatesale.gems.vip/ 		103 KB
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://privatesale.gems.vip/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da59c6b99fcc29480dfdf5540f7fdba2bb7d75925d96e7db11e3e81dd7f5813

Request headers

Referer
https://privatesale.gems.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 11:41:56 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"811123bbbe742bb8fc85d4f6112292587beb6623"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLlxn%2B2HuWIn%2Bt2txrNZAvHUIBoqxPaR3vdBi40CeuZ%2BPKgRzI5HBS%2B0ULWHK4XWBH44uNIIlBz5ulWwklUul3tbAmpj12Amtrz9X1oyqVCr7cp4BrQIKw77Lzv6DoUoUtQ5A5ExJ4ZuaR8TK51FmULF"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
content-disposition
inline; filename="favicon.ico"
cf-ray
8b4965d67b8491e9-FRA

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap object| webpackJsonpdao function| setImmediate function| clearImmediate function| _ object| regeneratorRuntime

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.iplocation.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
cold-responsive-friday.quiknode.pro
fonts.googleapis.com
fonts.gstatic.com
ip.nf
maxcdn.bootstrapcdn.com
privatesale.gems.vip
prod-api.gems.vip
use.fontawesome.com
158.180.31.66
2606:4700:20::681a:6bb
2606:4700:20::681a:6d6
2606:4700:20::681a:7bb
2606:4700:3037::ac43:8ef5
2606:4700::6811:180e
2606:4700::6812:bb1f
2606:4700::6812:bcf
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200a
2a04:4e42:200::649
3.73.104.221
16dffa96889c1b499f02e302bd145f0b11c3f8b5faf6fee5fb6313e778e7d59d
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2cc51c21f6b1a316c79a9a2709a7b1aedc3be7a2bb20e62deb868e5091ae796e
39cb8f2a7112b042fb7428829c0cdb535a70bee874d20a63069463143e96d8fc
3aa4950d27787210cbb6c354996c6469ab337f0e6e45c958efd6e41e4d2afad8
40aadfc220e1fd00a778f6fe077c587a5754b3af605f4db38f6366c1c78f3e79
4c79e76ada788ad4a76bb74ced4e92e08132489667ab73a1ac2e85de3b424965
4f92fb3559e9a819b0b73e941ad5cf7000375f908309aaf1e60dabeaed403dce
53f56b818961fdd30bb59fe3f09a74a7878d42fe8bff0a2abd020b713f3bfc20
6da59c6b99fcc29480dfdf5540f7fdba2bb7d75925d96e7db11e3e81dd7f5813
753f838ae53eac0bc6c51ee079caef9f221b00ae24c658b37310ab1eb8be0122
7cb4cb8c6f3b224c88715c9dcc0ca7ccf74a54015bcd2a33cc419135c8b27450
7d707172ce856c4ce5413ba9adb35483106a2f1ad9b4fdd285f3b1540cb4f7e4
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
82e5882351ca19ebeab8a2f2a15cc74d3c1527120cb8526ed4b237acaf0ac32f
84ecb90c42245d845ac1b7c305cf49cc7f7287f3d5c7988e643531696dae101f
904f27ce2c79f32880d9d25e674ef51cb0f68f8cb06ea98cf57ce87d500a6093
90a63f7a454f0cd4e36cb18df07822533d74e6352d5f38d3b6c9ac6e8381753a
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9b9eed832f009b7f0726a0708133171d90d3cf6e0b5ae3114943c1079286acbe
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
c669832699a68eb7a0aa31aa77c1c94f45aba1723576a5e4c8dd9f21ae9e8d13
d14aa3bdfa2dfa5e3c82462b58ae7388a7c39958e5b633a27f08d745a351b1aa
d3724372101feccff7eaa01fd0cc15251ef02a03c3e496d01b48b300924a4fd9
e547fbf932daa8f844fa15839fbea6958fae1273930f065675bd10050054739b
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f743e3548e50d8a0001320b697c4811b906cbc0017ea943cbfe4809d7a671761