urlscan.io logo urlscan.io
SecurityTrails logo

exchange.gemini.com Open in urlscan Pro
99.83.200.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://exchange.gemini.com/
Effective URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Submission: On August 31 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 4 countries across 29 domains to perform 96 HTTP transactions. The main IP is 99.83.200.252, located in United States and belongs to AMAZON-02, US. The main domain is exchange.gemini.com. The Cisco Umbrella rank of the primary domain is 371487.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 16th 2023. Valid for: a year.
This is the only time exchange.gemini.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 21 99.83.200.252 16509 (AMAZON-02)
5 2600:9000:21b... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 35.190.25.25 15169 (GOOGLE)
2 151.101.65.208 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 23.200.145.32 20940 (AKAMAI-ASN1)
1 54.69.255.140 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 13.35.14.254 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 146.75.112.157 54113 (FASTLY)
1 44.196.82.171 14618 (AMAZON-AES)
1 4 15.197.193.217 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
1 52.84.228.218 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
1 7 35.190.43.134 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
3 3 18.143.106.89 16509 (AMAZON-02)
1 23.33.184.251 20940 (AKAMAI-ASN1)
2 2 74.125.24.157 15169 (GOOGLE)
2 2 35.213.12.39 15169 (GOOGLE)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 151.101.193.140 54113 (FASTLY)
1 34.210.219.79 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
4 2600:1901:0:c... 15169 (GOOGLE)
9 2404:6800:400... 15169 (GOOGLE)
1 35.232.130.7 396982 (GOOGLE-CL...)
96 32
21    99.83.200.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4793faec64193924.awsglobalaccelerator.com
exchange.gemini.com
5    2600:9000:21b4:0:1a:e26f:c2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.gemini.com
1    2404:6800:4003:c1c::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com
api.mixpanel.com
2    151.101.65.208 (United States)

ASN54113 (FASTLY, US)
sdk.iad-03.braze.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2404:6800:4003:c1a::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    23.200.145.32 (Kowloon, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-145-32.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    54.69.255.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-255-140.us-west-2.compute.amazonaws.com
dx.mountain.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    13.35.14.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-14-254.sin5.r.cloudfront.net
sc-static.net
2    2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.112.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    44.196.82.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-82-171.compute-1.amazonaws.com
data.adxcel-ec2.com
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    2404:6800:4003:c01::9d (Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
1    2404:6800:4003:c11::9c (Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
8    2404:6800:4003:c11::6a (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
3    18.143.106.89 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.33.184.251 (Tseung Kwan O, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-184-251.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
cm.g.doubleclick.net
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    34.210.219.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-219-79.us-west-2.compute.amazonaws.com
px.mountain.com
4    2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2600:1901:0:c901:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.sardine.ai
9    2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    35.232.130.7 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.130.232.35.bc.googleusercontent.com
p.sardine.ai
Apex Domain
Subdomains		 Transfer
26 gemini.com
exchange.gemini.com — Cisco Umbrella Rank: 371487
assets.gemini.com — Cisco Umbrella Rank: 818485
2 MB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
892 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
62 KB
7 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 914 Failed
2 KB
5 sardine.ai
api.sardine.ai — Cisco Umbrella Rank: 37664
p.sardine.ai — Cisco Umbrella Rank: 56008
92 KB
5 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 589
match.adsrvr.org — Cisco Umbrella Rank: 348
js.adsrvr.org — Cisco Umbrella Rank: 1489
4 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
3 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 754
131 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
870 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 374
13 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 473
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
82 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1119
33 KB
2 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 5530
px.mountain.com — Cisco Umbrella Rank: 5673
6 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
2 braze.com
sdk.iad-03.braze.com — Cisco Umbrella Rank: 3115
282 B
2 mixpanel.com
api.mixpanel.com — Cisco Umbrella Rank: 1156
464 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1523
637 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
185 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 742
395 B
1 t.co
t.co — Cisco Umbrella Rank: 577
377 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 3474
285 B
1 adxcel-ec2.com
data.adxcel-ec2.com — Cisco Umbrella Rank: 4347
131 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 758
15 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1344
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
72 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
1 KB
0 google.com.sg Failed
www.google.com.sg Failed
96 29
Domain Requested by
21 exchange.gemini.com 2 redirects exchange.gemini.com
assets.gemini.com
sc-static.net
analytics.tiktok.com
dx.mountain.com
px.mountain.com
9 www.gstatic.com www.google.com
www.gstatic.com
8 www.google.com assets.gemini.com
www.gstatic.com
www.google.com
7 tr.snapchat.com sc-static.net
assets.gemini.com
5 assets.gemini.com exchange.gemini.com
4 api.sardine.ai assets.gemini.com
api.sardine.ai
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 analytics.tiktok.com assets.gemini.com
analytics.tiktok.com
3 ups.analytics.yahoo.com 3 redirects
3 match.adsrvr.org assets.gemini.com
js.adsrvr.org
3 bat.bing.com assets.gemini.com
bat.bing.com
2 pixel.tapad.com 2 redirects
2 x.bidswitch.net 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 connect.facebook.net assets.gemini.com
connect.facebook.net
2 sc-static.net assets.gemini.com
tr.snapchat.com
2 www.google-analytics.com assets.gemini.com
2 sdk.iad-03.braze.com assets.gemini.com
2 api.mixpanel.com assets.gemini.com
1 p.sardine.ai
1 px.mountain.com dx.mountain.com
1 alb.reddit.com
1 www.facebook.com
1 analytics.twitter.com
1 t.co
1 hb.yahoo.net js.adsrvr.org
1 stats.g.doubleclick.net assets.gemini.com
1 js.adsrvr.org match.adsrvr.org
1 googleads.g.doubleclick.net www.googletagmanager.com
1 insight.adsrvr.org 1 redirects
1 data.adxcel-ec2.com
1 static.ads-twitter.com assets.gemini.com
1 www.redditstatic.com assets.gemini.com
1 dx.mountain.com assets.gemini.com
1 www.googletagmanager.com assets.gemini.com
1 fonts.googleapis.com exchange.gemini.com
0 www.google.com.sg Failed
96 37

This site contains links to these domains. Also see Links.

Domain
www.gemini.com
Subject Issuer Validity Valid
exchange.gemini.com
Amazon RSA 2048 M02		 2023-08-16 -
2024-09-13		 a year crt.sh
assets.gemini.com
Amazon RSA 2048 M01		 2023-03-31 -
2024-04-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.mixpanel.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-02-13 -
2024-03-15		 a year crt.sh
*.iad-03.braze.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-04 -
2024-01-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2023-06-12 -
2024-06-23		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-09 -
2023-09-07		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
adxcel-ec2.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-11-16		 9 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
hb.yahoo.net
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-03 -
2024-01-03		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-03 -
2024-01-03		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
api.sardine.ai
GTS CA 1D4		 2023-08-13 -
2023-11-11		 3 months crt.sh
p.sardine.ai
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Frame ID: C320605320397A2092685A340EAA80B1
Requests: 59 HTTP requests in this frame

Frame: https://exchange.gemini.com/collect-csp
Frame ID: DCF61B5781DAA5AAFC15301718F4C7A3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
Frame ID: F24D76064BD1DE39DE1B33E303C84D89
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a6f1d525-34a9-431b-889e-1e7495e83eab&u_scsid=b5f862b2-7d0a-4719-b77d-6e5b58ba11bd&u_sclid=b687385f-1a13-42e4-9500-7929338e9e17
Frame ID: F9F2E884C708D689D505C2BE1A659521
Requests: 2 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS00Lk9za3c5RTJ1R2QwU1c4eGEyMjg4VTIuNlQyblVkU35B&gdpr=0&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&dpid=55953
Frame ID: A6F304C1167BA49D2A40E07D7015268F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4&google_gid=CAESEGkt7asMb1fKsPlicJoVHpo&google_cver=1
Frame ID: 5C3CDFD42955B2D75791D62B4E39BF10
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 99B9044B9D9DCA1667C06E6EBB472FA6
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1693425519200&pnid=140&pcid=630dee46-2370-4421-a87f-d124ac7c5940
Frame ID: 7199F3A3C524241119A2A9E5356EF327
Requests: 1 HTTP requests in this frame

Frame: https://api.sardine.ai/assets/collector.min.2e6e781.html?r=2023-08-18-2e6e781
Frame ID: 4CB7DD4850BC79512C9F21CE62526205
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Frame ID: 664524AF1FC909DE13BEC8304581A95D
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
Frame ID: B490FAE912982257407510DB1373BA1F
Requests: 8 HTTP requests in this frame

Frame: https://exchange.gemini.com/collect-csp
Frame ID: 06FA61129369E120DA38D855FE4DF3BD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Frame ID: 8A1D07F057353D280875E8F77D7B9289
Requests: 3 HTTP requests in this frame

Frame: https://exchange.gemini.com/collect-csp
Frame ID: 45C276E4B1F4D06ACFF2FEDE47FBA8CF
Requests: 1 HTTP requests in this frame

Frame: https://exchange.gemini.com/collect-csp
Frame ID: 04AE5ECCF9E5177A8BD1906EA0001D7B
Requests: 1 HTTP requests in this frame

Frame: https://exchange.gemini.com/collect-csp
Frame ID: D3B9C38E5EE8779F8254820E46973242
Requests: 1 HTTP requests in this frame

Frame: https://exchange.gemini.com/collect-csp
Frame ID: BBF9A55D3D9FF1FE5FB243AA4068D12F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gemini - Sign In

Page URL History Show full URLs

  1. https://exchange.gemini.com/ HTTP 303
    https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • api\.mixpanel\.com/track
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

96
Requests

94 %
HTTPS

40 %
IPv6

29
Domains

37
Subdomains

32
IPs

4
Countries

3317 kB
Transfer

10719 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://exchange.gemini.com/ HTTP 303
    https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://exchange.gemini.com/js/SignIn.38c38a953.en-US.json HTTP 301
  • https://assets.gemini.com/builds-2/web/main/SignIn.38c38a953.en-US.json
Request Chain 23
  • https://insight.adsrvr.org/track/up?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
Request Chain 38
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3084059-690c-44f7-8cff-44438671ccb4&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3084059-690c-44f7-8cff-44438671ccb4&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS00Lk9za3c5RTJ1R2QwU1c4eGEyMjg4VTIuNlQyblVkU35B&gdpr=0&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&dpid=55953
Request Chain 39
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTMwODQwNTktNjkwYy00NGY3LThjZmYtNDQ0Mzg2NzFjY2I0&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=YTMwODQwNTktNjkwYy00NGY3LThjZmYtNDQ0Mzg2NzFjY2I0&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4&google_gid=CAESEGkt7asMb1fKsPlicJoVHpo&google_cver=1
Request Chain 40
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=a3084059-690c-44f7-8cff-44438671ccb4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=a3084059-690c-44f7-8cff-44438671ccb4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Request Chain 43
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1693468289917&u_scsid=41ec3f94-1c27-4f20-a1ba-749209178505&u_sclid=0bfc49dd-1cb1-469c-b145-d56f099d9fca HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1693425519200%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1693425519200%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1693425519200&pnid=140&pcid=630dee46-2370-4421-a87f-d124ac7c5940

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
exchange.gemini.com/
Redirect Chain
  • https://exchange.gemini.com/
  • https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
314 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
53eec002e8dad74e909585e44224316be72918b9a4888320528211fc7a7d3ffc
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 07:51:27 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Accept-Encoding Accept, Refresh-Only,Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-include-csp
recaptcha.contentSecurityPolicy
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
date
Thu, 31 Aug 2023 07:51:27 GMT
expires
Tue, 03 Jul 2001 06:00:00 GMT
location
/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
0.b71fc4afc09d5ca2cc97.css
assets.gemini.com/builds-2/web/main/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/0.b71fc4afc09d5ca2cc97.css
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:0:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11978205fb27784eca7de2ac4c8e1f4479db6ba522b3909ab6694890ce6999d3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
WuuPv5z404aNDbjMslpZi0SQcXCSDDgg
content-encoding
gzip
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 07:51:29 GMT
last-modified
Fri, 11 Aug 2023 23:00:34 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"ed20c964cfbb462c4a4577aa8e15a845"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-meta-md5chksum
7SDJZM+7RixKRXeqjhWoRQ==
x-amz-cf-id
bxudAG2OBuK3fIqExaLe77pVODnQUyG38IrcOqN3aSIrzj1ejyYq_A==
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af1a469d92bfcb0a43a47a53cafabdf04d540b95294d155def3ff6693c1fc538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 31 Aug 2023 07:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 06:29:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Aug 2023 07:51:27 GMT
runtime.3b444e7ba41b335046e3.js
assets.gemini.com/builds-2/web/main/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/runtime.3b444e7ba41b335046e3.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:0:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31e70e5c319ee777f20679a6ee74fa5fa1d558c0d3227e8143f01fb29068956c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
0jCfw7xba_z6pfLtQ7L7jnIbxj8JBpah
content-encoding
gzip
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 07:51:29 GMT
last-modified
Wed, 30 Aug 2023 16:44:29 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"567abc3db0af0935777c08b78cf6acfd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-meta-md5chksum
Vnq8PbCvCTV3fAi3jPas/Q==
x-amz-cf-id
LzXwFwv6vLcOIgRYG_Roehm6i6bkowE2se8wKAP0gS9DgBMzG6HrHA==
0.95f68ac970cbc50ade71.js
assets.gemini.com/builds-2/web/main/ 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:0:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fb0343ea9523be4ce923a2e3c87eb32966010ae12ec6da7324d039329fbd2b6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Va7shY_gnuwp5wzVki0JlSZY6C.QXlBF
content-encoding
gzip
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 07:51:29 GMT
last-modified
Tue, 29 Aug 2023 23:23:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"1a110d04d28df84522646c7f403c238e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-meta-md5chksum
GhENBNKN+EUiZGx/QDwjjg==
x-amz-cf-id
qF7xmSzZErzS-H2Ec0clqhbkZVvIfEv4OPVjGymosUk0GOGCTMaPDA==
75.0c3a63ca3d5a6b46f11d.js
assets.gemini.com/builds-2/web/main/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/75.0c3a63ca3d5a6b46f11d.js
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:0:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6259b644f1ea564cb7da8a75f91f85871fb66f604d18fa1212cbb9ff5df0570a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
gAd4MsGWiZd1mlVL2eZamNOy5EXb6iKV
content-encoding
gzip
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 07:51:29 GMT
last-modified
Tue, 29 Aug 2023 23:24:22 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"4acb964147976a4e572e8be8e9bffc4a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-meta-md5chksum
SsuWQUeXak5XLovo6b/8Sg==
x-amz-cf-id
cURuiVvBWzELU7rTKo1RNiZ4unXgSEKGTm5KI1-5GN-AkWB9jlJM3g==
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect-csp
exchange.gemini.com/ Frame DCF6 		0
0
/
api.mixpanel.com/decide/ 		65 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=d63e727b7647b63c44007c4c8876cb81&ip=0&_=1693468289334
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
gunicorn /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
via
1.1 google
server
gunicorn
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
alt-svc
clear
/
api.mixpanel.com/track/ 		1 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vc2lnbmluP3JlZGlyZWN0PTI2M2I2ZTAwYTNlZjk3MGVlYjZhNTBjM2UzZTE4ZjJmMDljZjZjYzktMTY5MzQ2ODI4NzQ3Mi0lMkYiLCIkYnJvd3Nlcl92ZXJzaW9uIjogMTE2LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjIuNCIsImRpc3RpbmN0X2lkIjogIjE4YTRhOTM2OTMzODA1LTAwNGRjM2ZmODg1NTM2LTYwM2I1MjViLTFkNGMwMC0xOGE0YTkzNjkzNDEwNmEiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJodHRwczovL2V4Y2hhbmdlLmdlbWluaS5jb20vc2lnbmluP3JlZGlyZWN0PTI2M2I2ZTAwYTNlZjk3MGVlYjZhNTBjM2UzZTE4ZjJmMDljZjZjYzktMTY5MzQ2ODI4NzQ3Mi0lMkYiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICJkNjNlNzI3Yjc2NDdiNjNjNDQwMDdjNGM4ODc2Y2I4MSJ9fQ%3D%3D&ip=0&_=1693468289337
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Thu, 31 Aug 2023 07:51:29 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://exchange.gemini.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
X-Requested-With
content-length
1
alt-svc
clear
locate
exchange.gemini.com/ 		16 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/locate
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Csrf-Token
nocheck
Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
16
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
/
sdk.iad-03.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://exchange.gemini.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Thu, 31 Aug 2023 07:51:29 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230136-FRA
x-timer
S1693468290.894721,VS0,VE94
/
sdk.iad-03.braze.com/api/v3/data/ 		23 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7dee95a6ccd31ae0fcf82a88a1eed4130fd54f393f8e82aaa9d4461e0a37a94b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
f7c7991a-0419-4e08-acae-40e64d232a89
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json
Referer
https://exchange.gemini.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
71cd3625-11f9-4b77-b676-42c2a9669dcd
x-served-by
cache-fra-eddf8230136-FRA
x-runtime
0.012307
server
nginx
x-timer
S1693468290.158750,VS0,VE102
etag
W/"7dee95a6ccd31ae0fcf82a88a1eed413"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
SignIn.38c38a953.en-US.json
assets.gemini.com/builds-2/web/main/
Redirect Chain
  • https://exchange.gemini.com/js/SignIn.38c38a953.en-US.json
  • https://assets.gemini.com/builds-2/web/main/SignIn.38c38a953.en-US.json
75 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.gemini.com/builds-2/web/main/SignIn.38c38a953.en-US.json
Protocol
H2
Server
2600:9000:21b4:0:1a:e26f:c2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c80d37674d9a7b7b7811a1d595cbc01c7b8c8e9fb3c195745120dcfb96a0b65

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
chXfX5afkO2gLSDad8hkaYoCMlgbZf.4
content-encoding
gzip
via
1.1 314aa53e803ca952f52cb68ad4be899e.cloudfront.net (CloudFront)
date
Thu, 31 Aug 2023 07:51:31 GMT
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Tue, 29 Aug 2023 23:26:35 GMT
server
AmazonS3
etag
W/"c7b4af6aa3a6be63e7b84433eb2749c4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://exchange.gemini.com
vary
Accept-Encoding
access-control-allow-credentials
true
x-amz-meta-md5chksum
x7SvaqOmvmPnuEQz6ydJxA==
x-amz-cf-id
kjCwefmS0EQyyMG7A6-t5NJgMI7MqUSIHNXyWEhDHAdjaGW8Q-Mxxg==

Redirect headers

date
Thu, 31 Aug 2023 07:51:29 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
location
https://assets.gemini.com/builds-2/web/main/SignIn.38c38a953.en-US.json
content-length
0
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 31 Aug 2023 06:45:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3965
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 31 Aug 2023 08:45:24 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-538501539
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd6faa42650bdaf320758f76d1b7da0cf588a920649b7696898e3f92e9f435cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72855
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Aug 2023 07:51:29 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4065T4VE57P75FJO57G&lib=ttq
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.145.32 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-145-32.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1fbbdb27bdb5c1c02874624ae955c73e8b7d15bc8168ce1573afb72cff696bc0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-request-id
5fde1ba.b047b1f
date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-200-145-28.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
203,23.200.145.28
server-timing
cdn-cache; desc=MISS, edge; dur=197, origin; dur=6, inner; dur=2
content-length
1242
pragma
no-cache
server
nginx
x-tt-logid
202308310751307DD538A6BA9250311154
x-cache-remote
TCP_MISS from a23-220-107-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.220.107.15
x-tt-trace-host
0141721bf65e892fe44e9ea21a2541239251bd0a1402982b5d1da651f1a2ace69806c71a4d037277e8115f53001e2a1a7ab723983ea3344f1b357f24c8de8998ed945a733cf524af0557311005362b5dafaf202e5b67041712e3c9ad52f857113a33674c1f8ba1e33d7b23a4384bd236b9
expires
Thu, 31 Aug 2023 07:51:30 GMT
spx
dx.mountain.com/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=33475&tdr=&plh=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&cb=48316016015583550term=value
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.69.255.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-255-140.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
400be06485d61746c2db6aa7df232a28605a2f686d18a707b7482047f76740a3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
x-envoy-upstream-service-time
2
connection
close
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
bat.js
bat.bing.com/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 31 Aug 2023 07:51:29 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8288B6D31CF94446BF8AE03BC1B20DF3 Ref B: SIN30EDGE0508 Ref C: 2023-08-31T07:51:29Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
scevent.min.js
sc-static.net/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-14-254.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
content-encoding
gzip
via
1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16388
x-amz-cf-id
s6x2DRY2FkjZvRsnx1Vncyx_TBNEe3KgW8ObueQYRK3iM4duzrrgaw==
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 31 Aug 2023 07:51:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
KVv9jKUHF1QntGoGI0ZirbJfmPXTUxBcI2Rb4XrQUEGgq8MdYGRachsfnlAqFG0RwpQjx+tp7wmRtvlaiZ2pLA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.112.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-nrt-rjtf7700046-NRT
/
data.adxcel-ec2.com/pixel/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=a101e90e-2050-452b-919d-7cbb1a22649d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.82.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-82-171.compute-1.amazonaws.com
Software
/
Resource Hash
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
match.adsrvr.org/track/upb/ Frame F24D
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
929 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
70a85c34770960fe5c5bf20e7d937be51783dd92fc0751a9b28a19cbe232bb8a

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 07:51:29 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 31 Aug 2023 07:51:29 GMT
location
https://match.adsrvr.org/track/upb/?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/?random=1693468289783&cv=11&fst=1693468289783&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&hn=www.googleadservices.com&frm=0&tiba=Gemini%20-%20Sign%20In&auid=140672883.1693468290&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-538501539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d0f4fb5cf927ea32f4b020298086885e8b952b1d7526d2369fe3c12be907a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1373
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
330632917740535
connect.facebook.net/signals/config/ 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/330632917740535?v=2.9.125&r=stable&domain=exchange.gemini.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68dd6296886c67114c24f47367911b8a9cfcf50becc80b814f3e3c083533c669
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 31 Aug 2023 07:51:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LfbFA0wSw29p9xqOUbKVlxM9cgHFqdhuz6PheD4iuBItjfPh1rdkQASAdD2z5my+rRnVZkNJGuz/CoOYzzVZKQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame F24D 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=vca2j0f&ref=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&upid=0p4vrcn&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 03:02:06 GMT
Via
1.1 998b911809b5181544e60111e0bda762.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
17364
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
I0lUab2sB__FOU4HloOxX1BhejBf665YuhZ_LTMJvBliBrr-8FM5Eg==
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1526820794&t=pageview&_s=1&dl=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&ul=en-us&de=UTF-8&dt=Gemini%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1172967191&gjid=746898533&cid=289245458.1693468290&tid=UA-57271391-1&_gid=392784226.1693468290&_r=1&_slc=1&z=741457884
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://exchange.gemini.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
56372295.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56372295.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 31 Aug 2023 07:51:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B2AC2DF8621E4E18950737DC90812EBA Ref B: SIN30EDGE0508 Ref C: 2023-08-31T07:51:29Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56372295&Ver=2&mid=eff11aac-a535-4b53-a3fc-d64e2d89baa2&sid=320c0ff047d311ee950e9de37842369d&vid=320bf6b047d311eeaf281f748cf63353&vids=1&msclkid=N&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Gemini%20-%20Sign%20In&p=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&r=&lt=2649&evt=pageLoad&sv=1&rn=725808
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 07:51:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F81BE24F32194AECBBC8A27F8857B860 Ref B: SIN30EDGE0508 Ref C: 2023-08-31T07:51:29Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-57271391-1&cid=289245458.1693468290&jid=1172967191&gjid=746898533&_gid=392784226.1693468290&_u=IEBAAEAAAAAAACAAI~&z=386853885
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://exchange.gemini.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 31 Aug 2023 07:51:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
a6f1d525-34a9-431b-889e-1e7495e83eab.js
tr.snapchat.com/config/com/ 		0
0
i
tr.snapchat.com/cm/ Frame F9F2 		672 B
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=a6f1d525-34a9-431b-889e-1e7495e83eab&u_scsid=b5f862b2-7d0a-4719-b77d-6e5b58ba11bd&u_sclid=b687385f-1a13-42e4-9500-7929338e9e17
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Thu, 31 Aug 2023 07:51:29 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
10
a6f1d525-34a9-431b-889e-1e7495e83eab.json
tr.snapchat.com/config/com/ 		70 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/a6f1d525-34a9-431b-889e-1e7495e83eab.json
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
92bef0a7631381bd1413afbf694fd004d3cc9f77edaa99a74b45cb2e6406270d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://exchange.gemini.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://exchange.gemini.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-57271391-1&cid=289245458.1693468290&jid=1172967191&_u=IEBAAEAAAAAAACAAI~&z=2145756808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:30 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		0
0
cksync
hb.yahoo.net/ Frame A6F3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3084059-690c-44f7-8cff-44438671ccb4&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a3084059-690c-44f7-8cff-44438671ccb4&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS00Lk9za3c5RTJ1R2QwU1c4eGEyMjg4VTIuNlQyblVkU35B&gdpr=0&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&dpid=55953
43 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS00Lk9za3c5RTJ1R2QwU1c4eGEyMjg4VTIuNlQyblVkU35B&gdpr=0&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&dpid=55953
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.184.251 Tseung Kwan O, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-184-251.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800 max-age=86400 ; includeSubDomains

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
43
content-type
image/gif
date
Thu, 31 Aug 2023 07:51:30 GMT
expires
Thu, 31 Aug 2023 07:51:30 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800 max-age=86400 ; includeSubDomains

Redirect headers

age
0
content-length
0
date
Thu, 31 Aug 2023 07:51:29 GMT
location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS00Lk9za3c5RTJ1R2QwU1c4eGEyMjg4VTIuNlQyblVkU35B&gdpr=0&ovsid=a3084059-690c-44f7-8cff-44438671ccb4&dpid=55953
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
google
match.adsrvr.org/track/cmf/ Frame 5C3C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTMwODQwNTktNjkwYy00NGY3LThjZmYtNDQ0Mzg2NzFjY2I0&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=YTMwODQwNTktNjkwYy00NGY3LThjZmYtNDQ0Mzg2NzFjY2I0&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-444...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4&google_gid=CAESEGkt7asMb1fKsPlicJoVHpo&google_cver=1
70 B
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4&google_gid=CAESEGkt7asMb1fKsPlicJoVHpo&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 31 Aug 2023 07:51:29 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:51:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3084059-690c-44f7-8cff-44438671ccb4&google_gid=CAESEGkt7asMb1fKsPlicJoVHpo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 99B9
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=a3084059-690c-44f7-8cff-44438671ccb4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=a3084059-690c-44f7-8cff-44438671ccb4&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 31 Aug 2023 07:51:30 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 31 Aug 2023 07:51:30 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
p
tr.snapchat.com/ 		68 B
289 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://exchange.gemini.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
scevent.min.js
sc-static.net/ Frame F9F2 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=a6f1d525-34a9-431b-889e-1e7495e83eab&u_scsid=b5f862b2-7d0a-4719-b77d-6e5b58ba11bd&u_sclid=b687385f-1a13-42e4-9500-7929338e9e17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-14-254.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 03:04:21 GMT
content-encoding
gzip
via
1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN5-C1
age
17228
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
16388
x-amz-cf-id
7zcJmm_PcG4YtgwmmIf5JX4WARZ9DDhn6dOFc89yGvqfBrHrMHnrOA==
p
tr.snapchat.com/cm/ Frame 7199
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1693468289917&u_scsid=41ec3f94-1c27-4f20-a1ba-749209178505&u_sclid=0bfc49dd-1cb1-469c-b145-d56f099d9fca
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1693425519200%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1693425519200%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1693425519200&pnid=140&pcid=630dee46-2370-4421-a87f-d124ac7c5940
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1693425519200&pnid=140&pcid=630dee46-2370-4421-a87f-d124ac7c5940
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Thu, 31 Aug 2023 07:51:30 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
15

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Aug 2023 07:51:30 GMT
location
https://tr.snapchat.com/cm/p?rand=1693425519200&pnid=140&pcid=630dee46-2370-4421-a87f-d124ac7c5940
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
hm
tr.snapchat.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://exchange.gemini.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://exchange.gemini.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 31 Aug 2023 07:51:29 GMT
server
API Gateway
via
1.1 google
hm
tr.snapchat.com/ 		68 B
88 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://exchange.gemini.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 31 Aug 2023 07:51:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
/
www.google.com/pagead/1p-user-list/538501539/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/538501539/?random=1693468289783&cv=11&fst=1693465200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&frm=0&tiba=Gemini%20-%20Sign%20In&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=588845953&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:30 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
/
www.google.com.sg/pagead/1p-user-list/538501539/ 		0
0
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=62d86391-b0ac-43c7-85a7-b2ebc334a3ac&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95471a1e-c720-4c33-a5ef-def0779529a5&tw_document_href=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1doi&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time
170
date
Thu, 31 Aug 2023 07:51:29 GMT
strict-transport-security
max-age=0
server
tsa_k
content-type
image/gif;charset=utf-8
x-transaction-id
6f8e089b7963e876
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
6016607fe590718a00ea01bddcc7ebc6a5546cfc20c3e1453b88a2c840fe66f8
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=62d86391-b0ac-43c7-85a7-b2ebc334a3ac&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95471a1e-c720-4c33-a5ef-def0779529a5&tw_document_href=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1doi&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time
160
date
Thu, 31 Aug 2023 07:51:29 GMT
strict-transport-security
max-age=631138519
server
tsa_k
content-type
image/gif;charset=utf-8
x-transaction-id
893a3933675c93dd
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
495a520c43d878781a657c371cdbc1c83b95cff58e9b7c038893c1ea3ad24fd0
content-length
43
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=330632917740535&ev=PageView&dl=https%3A%2F%2Fexchange.gemini.com&rl=&if=false&ts=1693468290028&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb.1.1693468290026.23128336&pm=1&hrl=57ecc5&it=1693468289809&coo=false&cs_cc=1&cas=7536988679652365%2C4774214379342401%2C4181431481904582%2C4220516468023901%2C3575708579211567%2C1889127917841079&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 31 Aug 2023 07:51:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
main.MTE4Nzk5OTU3MA.js
analytics.tiktok.com/i18n/pixel/static/ 		363 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4065T4VE57P75FJO57G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.145.32 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-145-32.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
42797e694586c69bfea1ebdb17d9dc0ffc27f7dcd2d5b2c8173e2eb1365b07a3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-request-id
b047b44
date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202308241301516DA612015D884024D00F
vary
Accept-Encoding
x-cache
TCP_HIT from a23-200-145-28.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014b5b41303257c61e2dd4c7eb214b782013c11f2d94bc8f7a85b6414e5f9305072bb5849aef2210a51a5b67dbabf252d2bb17f7c4d180f5bfba2f24915893caaa61188b7f628554a0a2dee0e0a4efc37fe3755220dba030321205294612a0de49
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length
99555
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1693468290269&id=t2_5jsn66z8&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=9a1f10fc-f569-4983-adcd-27fa48fc8265&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:30 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
identify_7de69.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7de69.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.145.32 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-145-32.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-request-id
b047b53
date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202308241301526DA612015D884024D045
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-200-145-28.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014b5b41303257c61e2dd4c7eb214b782013c11f2d94bc8f7a85b6414e5f9305072bb5849aef2210a51a5b67dbabf252d2f9a888373a8b102673445caf66226d854241499d94761fca0d554cef1029c92490d62c41b846d8a21341078f876b4ff3
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30600
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:30 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
793 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.145.32 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-145-32.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://exchange.gemini.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2c51a7b3.b047b59
date
Thu, 31 Aug 2023 07:51:30 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-200-145-28.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
338,23.200.145.28
server-timing
cdn-cache; desc=MISS, edge; dur=207, origin; dur=139, inner; dur=136
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023083107513013F3D5BF9F39CF3797BE
x-cache-remote
TCP_MISS from a23-220-107-22.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
139,23.220.107.22
x-tt-trace-host
0141721bf65e892fe44e9ea21a2541239251bd0a1402982b5d1da651f1a2ace6984015ee2f45f1f1fb7e8c19646d7f4d9c89cdccb8e9db98d8cb12639c1faabc4bf5e86f43576a38f8825cc11cb24e48145460d4ca599b5ae022ce8b187db3362053fb246941039a74e284db550dbd9c48
access-control-allow-headers
Authorization,*
expires
Thu, 31 Aug 2023 07:51:30 GMT
collect-csp
exchange.gemini.com/ 		520 B
590 B 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
awselb/2.0 /
Resource Hash
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 31 Aug 2023 07:51:30 GMT
server
awselb/2.0
content-length
520
content-type
text/html
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33475&tdr=&plh=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&cb=48316016015583550term=value
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:30 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33475&tdr=&plh=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&cb=48316016015583550term=value
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:30 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
st
px.mountain.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-57271391-1&ga_client_id=289245458.1693468290&shpt=Gemini%20-%20Sign%20In&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-57271391-1%22%2C%22ga_client_id%22%3A%22289245458.1693468290%22%2C%22shpt%22%3A%22Gemini%20-%20Sign%20In%22%2C%22dcm_cid%22%3A%22289245458.1693468290%22%2C%22dcm_gid%22%3A%22392784226.1693468290%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=289245458.1693468290&dcm_gid=392784226.1693468290&hardcoded_ga=UA-57271391-1&dxver=4.0.0&shaid=33475&plh=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&cb=48316016015583550term%3Dvalue
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33475&tdr=&plh=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&cb=48316016015583550term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-219-79.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
77204638bfbb4d79a9a9190079c592894379786949f976b83b008041f6ae0a3d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:31 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
2
connection
close
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:30 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exchange.gemini.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 18:43:34 GMT
x-content-type-options
nosniff
age
479276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 18:43:34 GMT
api.js
www.google.com/recaptcha/ 		1 KB
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&onload=GoogleRecaptchaLoaded
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a0a07084c6c2b49ba296b843b5ff453a33865e43ac9f80e0123783344b49c36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
890
x-xss-protection
1; mode=block
expires
Thu, 31 Aug 2023 07:51:30 GMT
loader.min.js
api.sardine.ai/assets/ 		115 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/loader.min.js
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4bd84894271835dad5a68c8914c053e7cca59f5943de8d9fa10913453a1aa3d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://exchange.gemini.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:43:14 GMT
content-encoding
gzip
age
497
x-guploader-uploadid
ADPycdvsH5edjfbpUvZE5hJblxQQftep8Ngt6vtMdCrAMu9BAeapj8cz9sYjy0HaoVr4Jhw1qGDSTl23kFb2PSeU8D6KUywMHNUB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29355
last-modified
Mon, 28 Aug 2023 17:13:36 GMT
server
UploadServer
etag
"96f0d356632d5eea228bc8703bbb6af4"
x-goog-hash
crc32c=FzDK0g==, md5=lvDTVmMtXuoii8hwO7tq9A==
x-goog-generation
1693242816330653
content-language
en
content-type
application/javascript
cache-control
public, max-age=1800,no-transform
x-goog-stored-content-length
29355
accept-ranges
bytes
expires
Thu, 31 Aug 2023 08:13:14 GMT
gemini-entity-countries
exchange.gemini.com/register/ 		341 B
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/register/gemini-entity-countries
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f76641c72dade686770e455db9dd4f1ec3bf7c0a7b294311cf9cf16a9c575488
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Csrf-Token
nocheck
Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:31 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
341
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
locate
exchange.gemini.com/ 		16 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/locate
Requested by
Host: assets.gemini.com
URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Csrf-Token
nocheck
Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:31 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
16
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		459 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&onload=GoogleRecaptchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3cdde0227eb1665999937f485b201574c3a1080388bed0d2193ceece795e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://exchange.gemini.com/
Origin
https://exchange.gemini.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187417
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:20 GMT
collector.min.2e6e781.html
api.sardine.ai/assets/ Frame 4CB7 		201 B
461 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/collector.min.2e6e781.html?r=2023-08-18-2e6e781
Requested by
Host: api.sardine.ai
URL: https://api.sardine.ai/assets/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
13ffe15b8be4214096954e71f3d327bb368ed40fc1d41b6002dba9f3fd48cf44

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1800,no-transform
content-encoding
gzip
content-language
en
content-length
193
content-type
text/html
date
Thu, 31 Aug 2023 07:39:43 GMT
etag
"56eb4023151b959191ca85566852e8b3"
expires
Thu, 31 Aug 2023 08:09:43 GMT
last-modified
Mon, 28 Aug 2023 17:13:36 GMT
server
UploadServer
x-goog-generation
1693242816318178
x-goog-hash
crc32c=iUPuhg== md5=VutAIxUblZGRyoVWaFLosw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
193
x-guploader-uploadid
ADPycdsXEvgSnPIKaWVc13MDO0NtsiuQh-iUdF53sr2jC04V9Jwktf8uqiiM8bXq62DCaZaYEmIyDJ2-AlM24vCc2Zn4DKU66Tv-
collect-csp
exchange.gemini.com/ Frame 4CB7 		0
0
collector.2e6e781.js
api.sardine.ai/assets/ Frame 4CB7 		218 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/collector.2e6e781.js
Requested by
Host: api.sardine.ai
URL: https://api.sardine.ai/assets/collector.min.2e6e781.html?r=2023-08-18-2e6e781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
15da41d36a5fc4ca310194c6135b93341373be58f87fac29c08b3360f553b09a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://api.sardine.ai/assets/collector.min.2e6e781.html?r=2023-08-18-2e6e781
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:31:52 GMT
content-encoding
gzip
age
1179
x-guploader-uploadid
ADPycdt9CfI-xM5VSgxYYB9VbZ3E2778Mz33sTU5OkaoUPdmk6TeoRnwZk6huYO_pOOmQYssMlUjad3eJbTVkYE8RrXJbOu2i1ia
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63453
last-modified
Mon, 28 Aug 2023 17:13:36 GMT
server
UploadServer
etag
"505b49c9613a1fe6cc0cb07941a0cd01"
x-goog-hash
crc32c=t7P15Q==, md5=UFtJyWE6H+bMDLB5QaDNAQ==
x-goog-generation
1693242816368119
content-language
en
content-type
application/javascript
cache-control
public, max-age=1800,no-transform
x-goog-stored-content-length
63453
accept-ranges
bytes
expires
Thu, 31 Aug 2023 08:01:52 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6645 		51 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0c140dc98ee698b3f11b69fe3d866ac91807f9c620f8f8773ba15a746bf3772
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iXvWEKTxuhU3fvwzyaotoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28450
content-security-policy
script-src 'report-sample' 'nonce-iXvWEKTxuhU3fvwzyaotoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:51:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame B490 		55 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59a53e9a62914b506095a9ccd5f6282788a7a518557d30155255cfa28a2106df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-18LMUoS4M03fPw7zoykHzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31680
content-security-policy
script-src 'report-sample' 'nonce-18LMUoS4M03fPw7zoykHzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:51:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 6645 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:21 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 6645 		459 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3cdde0227eb1665999937f485b201574c3a1080388bed0d2193ceece795e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187417
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:20 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B490 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:21 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B490 		459 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3cdde0227eb1665999937f485b201574c3a1080388bed0d2193ceece795e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187417
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:20 GMT
truncated
/ Frame B490 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B490 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B490 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:34:33 GMT
x-content-type-options
nosniff
age
436618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 02 Sep 2023 06:34:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B490 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 09:49:12 GMT
x-content-type-options
nosniff
age
424939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 09:49:12 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6645 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:34:33 GMT
x-content-type-options
nosniff
age
436618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 02 Sep 2023 06:34:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6645 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 09:49:12 GMT
x-content-type-options
nosniff
age
424939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 09:49:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6645 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 11:54:12 GMT
x-content-type-options
nosniff
age
503839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 11:54:12 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B490 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15c18a4a7d0fb653376b8eef21713040f61396db8c1321034726d1c5e09aa516
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=hedqni98xg7p
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
1; mode=block
expires
Thu, 31 Aug 2023 07:51:31 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 6645 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15c18a4a7d0fb653376b8eef21713040f61396db8c1321034726d1c5e09aa516
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeXFEEgAAAAALds-drHZpoMktvuxcTY1NE1ChO2&co=aHR0cHM6Ly9leGNoYW5nZS5nZW1pbmkuY29tOjQ0Mw..&hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=8lz1xlc860e8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
1; mode=block
expires
Thu, 31 Aug 2023 07:51:31 GMT
collect-csp
exchange.gemini.com/ Frame 06FA 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:31 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect-csp
exchange.gemini.com/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: px.mountain.com
URL: https://px.mountain.com/st?ga_tracking_id=UA-57271391-1&ga_client_id=289245458.1693468290&shpt=Gemini%20-%20Sign%20In&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-57271391-1%22%2C%22ga_client_id%22%3A%22289245458.1693468290%22%2C%22shpt%22%3A%22Gemini%20-%20Sign%20In%22%2C%22dcm_cid%22%3A%22289245458.1693468290%22%2C%22dcm_gid%22%3A%22392784226.1693468290%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=289245458.1693468290&dcm_gid=392784226.1693468290&hardcoded_ga=UA-57271391-1&dxver=4.0.0&shaid=33475&plh=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&cb=48316016015583550term%3Dvalue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:31 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
b.png
p.sardine.ai/v1/ Frame 4CB7 		68 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.sardine.ai/v1/b.png?sessionKey=afdb7881-fb32-4d93-a00f-b21fda877545&clientId=87271e93-ae9b-4ed1-b98b-0ef903f22353&flow=%2Fsignin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.232.130.7 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.130.232.35.bc.googleusercontent.com
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://api.sardine.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Thu, 31 Aug 2023 07:51:32 GMT
content-type
image/png
x-version-id
04740ae
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-request-id
c7085ba4-c984-40b5-9406-b7cbd49b188f
expires
Thu, 01 Jan 1970 00:00:00 UTC
bframe
www.google.com/recaptcha/api2/ Frame 8A1D 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7cf0f24e6ee0255cf7561e0db28b9b80209f33265e801d77a55f47e51004fb47
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PzQNgnU_XXTBe7Ga6ZY6jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://exchange.gemini.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1165
content-security-policy
script-src 'report-sample' 'nonce-PzQNgnU_XXTBe7Ga6ZY6jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 07:51:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
events
api.sardine.ai/v1/ Frame 4CB7 		506 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/v1/events
Requested by
Host: api.sardine.ai
URL: https://api.sardine.ai/assets/collector.2e6e781.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c901:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
cb3c1cc5692c460f828511f8f6568d7351d3c2a625d5f010803714dd3f1f8f28

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://api.sardine.ai/assets/collector.min.2e6e781.html?r=2023-08-18-2e6e781
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 07:51:31 GMT
via
1.1 google
access-control-allow-methods
POST, GET, OPTIONS
x-version-id
450b063
access-control-allow-origin
https://docs.sardine.ai
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Content-Type, Accept, Authorization
content-length
506
x-request-id
89fe9381-140c-4e0d-afd2-b11970856f18
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 8A1D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:21 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 8A1D 		459 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdMgEwgAAAAAOdD5qV6rxFJ9pYSgO0GPUAyv_jO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3cdde0227eb1665999937f485b201574c3a1080388bed0d2193ceece795e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 05:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187417
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 05:45:20 GMT
collect-csp
exchange.gemini.com/ Frame 45C2 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:35 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect-csp
exchange.gemini.com/ Frame 04AE 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:35 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect-csp
exchange.gemini.com/ Frame D3B9 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:35 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect-csp
exchange.gemini.com/ Frame BBF9 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange.gemini.com/collect-csp
Requested by
Host: exchange.gemini.com
URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.200.252 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4793faec64193924.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 31 Aug 2023 07:51:35 GMT
content-security-policy
report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15552000; includeSubDomains; preload;
vary
Origin
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://exchange.gemini.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03 Jul 2001 06:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
exchange.gemini.com
URL
https://exchange.gemini.com/collect-csp
Domain
tr.snapchat.com
URL
https://tr.snapchat.com/config/com/a6f1d525-34a9-431b-889e-1e7495e83eab.js
Domain
www.google.com.sg
URL
https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-57271391-1&cid=289245458.1693468290&jid=1172967191&_u=IEBAAEAAAAAAACAAI~&z=2145756808
Domain
www.google.com.sg
URL
https://www.google.com.sg/pagead/1p-user-list/538501539/?random=1693468289783&cv=11&fst=1693465200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&frm=0&tiba=Gemini%20-%20Sign%20In&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=588845953&rmt_tld=1&ipr=y
Domain
exchange.gemini.com
URL
https://exchange.gemini.com/collect-csp

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| webpackJsonp object| __SENTRY__ function| setImmediate function| clearImmediate object| DD_RUM function| debugTool object| currencyData object| initialData object| optimizelyData boolean| __DEV__ object| braze function| _ object| __ENTRY_LOCALE_FILES__ function| applyFocusVisiblePolyfill function| checkAndTriggerAutoFillEvent string| GoogleAnalyticsObject function| ga function| gtag object| enhanced_conversion_data object| dataLayer string| TiktokAnalyticsObject object| ttq function| rdt object| uetq function| snaptr function| fbq function| _fbq function| twq object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData object| _scPxHelper function| UET function| UET_init function| UET_push object| ueto_5888b7d373 object| regeneratorRuntime object| twttr object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| dcm_cid undefined| dcm_tid undefined| dcm_gid function| GoogleRecaptchaResolved-161573f1-6ee3-457e-8124-bc8714df3d2b function| GoogleRecaptchaLoaded object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _Sardine string| _sardine_revision function| parcelRequire object| sardineContext object| closure_lm_545671

45 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.exchange.gemini.com/ Name: GEMINI_SESSION2
Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImNzcmZUb2tlbiI6IjY4YTAwZjMyMTNkMjA0YWJjYWYxODRiYzFkOWI0YjY3MDQ4NDMwNDctMTY5MzQ2ODI4NzczMC1hMTFmNWU0MzE4MWZiZWE1NzZhY2U3OTIifSwibmJmIjoxNjkzNDY4Mjg3LCJpYXQiOjE2OTM0NjgyODd9.Zr4uMUNJUb8Tw-6EAd7XMQro0SnVF2rETJNwLL35kDg
.exchange.gemini.com/ Name: SardineSession
Value: sessionKey=afdb7881-fb32-4d93-a00f-b21fda877545&expiry=1693470087742
exchange.gemini.com/ Name: AnalyticsId
Value: analyticId=25a5e5e7-45aa-4ba7-881b-30cc605615a3
.gemini.com/ Name: _dd_s
Value: rum=0&expire=1693469189325
.gemini.com/ Name: mp_d63e727b7647b63c44007c4c8876cb81_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218a4a936933805-004dc3ff885536-603b525b-1d4c00-18a4a936934106a%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.gemini.com/ Name: ab.storage.userId.f7c7991a-0419-4e08-acae-40e64d232a89
Value: %7B%22g%22%3A%22logged_out_user%22%2C%22c%22%3A1693468289340%2C%22l%22%3A1693468289343%7D
.gemini.com/ Name: ab.storage.deviceId.f7c7991a-0419-4e08-acae-40e64d232a89
Value: %7B%22g%22%3A%22e7972728-8f74-68af-b71d-03bfe2e4a5b5%22%2C%22c%22%3A1693468289344%2C%22l%22%3A1693468289344%7D
.gemini.com/ Name: ab.storage.sessionId.f7c7991a-0419-4e08-acae-40e64d232a89
Value: %7B%22g%22%3A%223a0c8c63-f165-b99f-4c94-bd0f3f132b05%22%2C%22e%22%3A1693470089375%2C%22c%22%3A1693468289342%2C%22l%22%3A1693468289375%7D
exchange.gemini.com/ Name: lang
Value: en-US
.exchange.gemini.com/ Name: cookieSettings
Value: {%22hasDismissed%22:false%2C%22allowAnalytics%22:true%2C%22isSuppressed%22:false}
.adsrvr.org/ Name: TDID
Value: a3084059-690c-44f7-8cff-44438671ccb4
.gemini.com/ Name: _gcl_au
Value: 1.1.140672883.1693468290
.gemini.com/ Name: _ga
Value: GA1.2.289245458.1693468290
.gemini.com/ Name: _gid
Value: GA1.2.392784226.1693468290
.gemini.com/ Name: _gat
Value: 1
.gemini.com/ Name: _scid
Value: 4b5b95a2-1efe-4878-bf0b-8652c196f310
.gemini.com/ Name: _scid_r
Value: 4b5b95a2-1efe-4878-bf0b-8652c196f310
.gemini.com/ Name: _uetsid
Value: 320c0ff047d311ee950e9de37842369d
.gemini.com/ Name: _uetvid
Value: 320bf6b047d311eeaf281f748cf63353
.gemini.com/ Name: _sc_cspv
Value: https%3A%2F%2Ftr.snapchat.com%2Fconfig%2Fcom%2Fa6f1d525-34a9-431b-889e-1e7495e83eab.js
.bing.com/ Name: MUID
Value: 1DF3B70CC0C360563478A472C1C26102
.bat.bing.com/ Name: MR
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBIFG8GQCEJ56m-dZheOUHGlLlSi947EFEgEBAQGY8WT6ZK9E8HgB_eMAAA&S=AQAAAjK9ys2rM1IrHDDsmvIgQhQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlUlJA-A6HzzfARaDnV3unvtRzjmOCfVwoXYKGPH8b-GHEFEBvDUVDbee-FqAE
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2dnj:19e0~2dnj"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tapad.com/ Name: TapAd_TS
Value: 1693468289975
.tapad.com/ Name: TapAd_DID
Value: 630dee46-2370-4421-a87f-d124ac7c5940
.gemini.com/ Name: _fbp
Value: fb.1.1693468290026.23128336
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAEXHuRGAQAwDwIo840cYmXIQRxUUDxnZbpOqfbuN1TQoaYNMw1zSaPUZ/gT8iJ5CM+frT38BvvJkvUAAAAA=
.gemini.com/ Name: _sctr
Value: 1%7C1693411200000
.bidswitch.net/ Name: tuuid
Value: a7d4c8da-eb8e-471a-80bc-ef883edaa8c8
.bidswitch.net/ Name: c
Value: 1693468290
.bidswitch.net/ Name: tuuid_lu
Value: 1693468290
.twitter.com/ Name: personalization_id
Value: "v1_7cnjwmIpPh5944O/HrGvbw=="
.t.co/ Name: muc_ads
Value: aa9bddce-23f2-4993-9662-7a8fb83b9843
.tiktok.com/ Name: _ttp
Value: 2Uk0V02oomSjrzmUdcx4Tdvv5Jk
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKcmlnaHRtZWRpYRILCNiW_uejgJU8EAUSFQoGZ29vZ2xlEgsI6p-t6aOAlTwQBRIYCgliaWRzd2l0Y2gSCwjYlv7no4CVPBAFGAUgAigDMgsI2I6BlbqAlTwQBUIPIg0IARIJCgV0aWVyMhABWgd2Y2EyajBmYAE.
.gemini.com/ Name: _rdt_uuid
Value: 1693468290268.9a1f10fc-f569-4983-adcd-27fa48fc8265
.gemini.com/ Name: _tt_enable_cookie
Value: 1
.gemini.com/ Name: _ttp
Value: 7WO33CYHCA13E7FmAgh8d5XgACF
.mountain.com/ Name: guid
Value: 32e1e302-47d3-11ee-a706-77121f56d0d7
api.sardine.ai/ Name: _immortal|deviceToken
Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..zTkag0sZ_DdGMqIM.rXKQg_7iIUpnLtk_xlEGXUQrRZMtmqyT2O4GERJPSfNlBtU5kBrR6ZvG6GiPoVu5t4lzGktFeCxWUryDnmV-aSSWB59v42Da8frkkL-_eRfI0EbkOKimPQHZYxvMf4RARw-n-qMH7wZ7gDm93qKl9nvyvqCfgK8aFMFZySKznlPpvmLqvnTTV9I3BzGn1xfvYO7t2eU6ORACC_C_769RwueBNlnYzn_KP7a9trVnGMDKb3dskncFkKlExTgW_v0nzBQjvKygf2OqToYj-mcncJIG4fR9AyoiUrUiwOxXtGtVa6h3aQ.-cMAe-StbfLltanmyNfWaQ

27 Console Messages

Source Level URL
Text
security error URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js(Line 45)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js(Line 45)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js(Line 38)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
Refused to load the script 'https://tr.snapchat.com/config/com/a6f1d525-34a9-431b-889e-1e7495e83eab.js' because it violates the following Content Security Policy directive: "script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Message:
Refused to load the image 'https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-57271391-1&cid=289245458.1693468290&jid=1172967191&_u=IEBAAEAAAAAAACAAI~&z=2145756808' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com".
security error URL: https://exchange.gemini.com/signin?redirect=263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%2F
Message:
Refused to load the image 'https://www.google.com.sg/pagead/1p-user-list/538501539/?random=1693468289783&cv=11&fst=1693465200000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin%3Fredirect%3D263b6e00a3ef970eeb6a50c3e3e18f2f09cf6cc9-1693468287472-%252F&frm=0&tiba=Gemini%20-%20Sign%20In&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=588845953&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com".
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Refused to connect to 'https://analytics.pangle-ads.com/api/v2/pangle_pixel' because it violates the following Content Security Policy directive: "connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com".
security error URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js(Line 21)
Message:
Refused to connect to 'https://34.215.155.61/is' because it violates the following Content Security Policy directive: "connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com".
javascript error URL: https://assets.gemini.com/builds-2/web/main/0.95f68ac970cbc50ade71.js(Line 21)
Message:
Refused to connect to 'https://34.215.155.61/is' because it violates the document's Content Security Policy.
security error URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js(Line 6)
Message:
Refused to connect to 'https://analytics.tiktok.com/api/v2/pixel/act' because it violates the following Content Security Policy directive: "connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com".
network error URL: https://exchange.gemini.com/collect-csp
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://api.sardine.ai/assets/loader.min.js(Line 287)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js(Line 331)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js(Line 331)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js(Line 281)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js(Line 281)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__zh_cn.js(Line 394)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://dx.mountain.com https://px.mountain.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com https://js.verygoodvault.com *.bing.com/ https://js.dvnfo.com https://analytics.tiktok.com *.braze.com https://snap.licdn.com/ https://px.ads.linkedin.com/ https://static.ads-twitter.com/ https://analytics.twitter.com/ https://platform.twitter.com/ https://pixel.mathtag.com/ https://edge.fullstory.com https://rs.fullstory.com https://maps.googleapis.com *.braintreegateway.com https://cdn.plaid.com https://api.dev.sardine.ai/assets/loader.min.js https://api.sandbox.sardine.ai/assets/loader.min.js https://api.sardine.ai/assets/loader.min.js *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com/ https://zendesk-eu.my.sentry.io/ *.paypal.com https://poweredby.dosh.com/ https://cdn.checkout.com https://js.checkout.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; font-src 'self' data: https://static.gemini.com https://fonts.gstatic.com static.gemini.com; media-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; connect-src 'self' *.braintree-api.com *.braintreegateway.com https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ *.bing.com/ https://dvnfo.com https://analytics.tiktok.com/api/v2/pixel *.braze.com *.plaid.com https://insight.adsrvr.org/track/ https://tr.snapchat.com/ https://analytics.tiktok.com/api/v2/monitor https://www.filestackapi.com *.ingest.sentry.io https://rs.fullstory.com https://maps.googleapis.com https://www.paypal.com/* *.zendesk.com *.zdassets.com *.smooch.io wss://api.smooch.io/faye https://gemini241648821089.zendesk.com https://static.zdassets.com/ *.paypal.com https://*.browser-intake-datadoghq.com https://poweredby.dosh.com/ https://api.onfido.com/v2/documents https://api.onfido.com/v3/documents https://api.onfido.com/v3/live_photos https://assets.onfido.com/consent/user_consent.html https://telephony.onfido.com https://edge.api.onfido.com https://dashboard.onfido.com https://api.onfido.com/v1/cross_device_sms https://api.onfido.com/v3.3/sdk/configurations https://api.onfido.com/v3/snapshots wss://sync.onfido.com https://cdn.checkout.com https://js.checkout.com wss://api.gemini.com https://source.boringavatars.com wss://api.gemini.com https://creditcard.exchange.gemini.com https://creditcard.exchange.gemini.com https://assets.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com https://fonts.googleapis.com static.gemini.com https://assets.gemini.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/ https://tr6.snapchat.com/ https://js.verygoodvault.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://pixel.mathtag.com/ https://checkout.paypal.com/ https://cdn.plaid.com https://api.dev.sardine.ai/ https://api.sandbox.sardine.ai/ https://api.sardine.ai/ *.braintreegateway.com *.paypal.com https://isp-taker.gemini.stage.omniex.io/ https://isp-taker.gemini.uat.omniex.io/ https://isp-taker.gemini.omniex.io https://cdn.checkout.com https://js.checkout.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptchaenterprise.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptchaenterprise.googleapis.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com *.bing.com/ https://dvnfo.com https://data.adxcel-ec2.com *.plaid.com t.co/i/adsct https://px.ads.linkedin.com/ https://www.google.com/ https://pixel.mathtag.com/ https://rs.fullstory.com *.braintreegateway.com https://p.adsymptotic.com/d/px/ https://analytics.twitter.com/i/adsct https://accounts.zendesk.com/flow_director/assets/default_avatar.png *.zdassets.com *.zendesk.com *.zdusercontent.com https://s3.amazonaws.com/MD_Assets/merchant_logos/ https://content.mx.com/logos/ https://poweredby.dosh.com/ https://dosh-cash-res.cloudinary.com/ https://rnassets.merchants.dosh.cash/ static.gemini.com www.gemini.com https://assets.gemini.com; prefetch-src 'self' https://cdn.plaid.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
api.mixpanel.com
api.sardine.ai
assets.gemini.com
bat.bing.com
cm.g.doubleclick.net
connect.facebook.net
data.adxcel-ec2.com
dx.mountain.com
exchange.gemini.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.yahoo.net
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
p.sardine.ai
pixel.tapad.com
px.mountain.com
sc-static.net
sdk.iad-03.braze.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
x.bidswitch.net
exchange.gemini.com
tr.snapchat.com
www.google.com.sg
104.244.42.3
104.244.42.5
13.35.14.254
146.75.112.157
15.197.193.217
151.101.193.140
151.101.65.208
18.143.106.89
2001:4860:4802:34::178
23.200.145.32
23.33.184.251
2404:6800:4003:c01::9d
2404:6800:4003:c02::5e
2404:6800:4003:c04::5e
2404:6800:4003:c11::6a
2404:6800:4003:c11::9c
2404:6800:4003:c1a::61
2404:6800:4003:c1c::5f
2600:1901:0:c901::
2600:9000:21b4:0:1a:e26f:c2c0:93a1
2620:1ec:c11::200
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
2a04:4e42:200::396
34.111.113.62
34.210.219.79
35.190.25.25
35.190.43.134
35.213.12.39
35.232.130.7
44.196.82.171
52.84.228.218
54.69.255.140
74.125.24.157
99.83.200.252
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0e3cdde0227eb1665999937f485b201574c3a1080388bed0d2193ceece795e8d
11978205fb27784eca7de2ac4c8e1f4479db6ba522b3909ab6694890ce6999d3
13ffe15b8be4214096954e71f3d327bb368ed40fc1d41b6002dba9f3fd48cf44
15c18a4a7d0fb653376b8eef21713040f61396db8c1321034726d1c5e09aa516
15da41d36a5fc4ca310194c6135b93341373be58f87fac29c08b3360f553b09a
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fbbdb27bdb5c1c02874624ae955c73e8b7d15bc8168ce1573afb72cff696bc0
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
31e70e5c319ee777f20679a6ee74fa5fa1d558c0d3227e8143f01fb29068956c
33d0f4fb5cf927ea32f4b020298086885e8b952b1d7526d2369fe3c12be907a6
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
400be06485d61746c2db6aa7df232a28605a2f686d18a707b7482047f76740a3
42797e694586c69bfea1ebdb17d9dc0ffc27f7dcd2d5b2c8173e2eb1365b07a3
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
4bd84894271835dad5a68c8914c053e7cca59f5943de8d9fa10913453a1aa3d2
53eec002e8dad74e909585e44224316be72918b9a4888320528211fc7a7d3ffc
59a53e9a62914b506095a9ccd5f6282788a7a518557d30155255cfa28a2106df
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fb0343ea9523be4ce923a2e3c87eb32966010ae12ec6da7324d039329fbd2b6
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6259b644f1ea564cb7da8a75f91f85871fb66f604d18fa1212cbb9ff5df0570a
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
68dd6296886c67114c24f47367911b8a9cfcf50becc80b814f3e3c083533c669
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6a0a07084c6c2b49ba296b843b5ff453a33865e43ac9f80e0123783344b49c36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70a85c34770960fe5c5bf20e7d937be51783dd92fc0751a9b28a19cbe232bb8a
77204638bfbb4d79a9a9190079c592894379786949f976b83b008041f6ae0a3d
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7cf0f24e6ee0255cf7561e0db28b9b80209f33265e801d77a55f47e51004fb47
7dee95a6ccd31ae0fcf82a88a1eed4130fd54f393f8e82aaa9d4461e0a37a94b
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92bef0a7631381bd1413afbf694fd004d3cc9f77edaa99a74b45cb2e6406270d
9c80d37674d9a7b7b7811a1d595cbc01c7b8c8e9fb3c195745120dcfb96a0b65
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1a469d92bfcb0a43a47a53cafabdf04d540b95294d155def3ff6693c1fc538
c0c140dc98ee698b3f11b69fe3d866ac91807f9c620f8f8773ba15a746bf3772
c11dedd92331fe09d846fb3d73e6746709438f2c697ed1ae520103fe171515cf
cb3c1cc5692c460f828511f8f6568d7351d3c2a625d5f010803714dd3f1f8f28
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f76641c72dade686770e455db9dd4f1ec3bf7c0a7b294311cf9cf16a9c575488
fd6faa42650bdaf320758f76d1b7da0cf588a920649b7696898e3f92e9f435cf