auto.gemvpn.xyz Open in urlscan Pro
2606:4700:3033::ac43:a868 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auto.gemvpn.xyz/
Submission: On May 03 via automatic, source certstream-suspicious (May 3rd 2023, 10:18:00 pm UTC) — Scanned from DE

Summary HTTP 177 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 66 IPs in 6 countries across 41 domains to perform 177 HTTP transactions. The main IP is 2606:4700:3033::ac43:a868, located in United States and belongs to CLOUDFLARENET, US. The main domain is auto.gemvpn.xyz.
TLS certificate: Issued by E1 on May 1st 2023. Valid for: 3 months.

This is the only time auto.gemvpn.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3033::ac43:a868	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:da00:3:aed2:1700:21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.49 13.32.27.49	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
25	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
25	52.222.236.15 52.222.236.15	16509 (AMAZON-02) (AMAZON-02)
1	52.216.224.200 52.216.224.200	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:fa00:1e:7118:9c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:b800:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
3	2400:52e0:1e0... 2400:52e0:1e00::1078:1	200325 (BUNNYCDN) (BUNNYCDN)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
5	35.166.210.191 35.166.210.191	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:ea00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:9a00:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	18.198.174.134 18.198.174.134	16509 (AMAZON-02) (AMAZON-02)
2	18.193.173.250 18.193.173.250	16509 (AMAZON-02) (AMAZON-02)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	178.128.135.204 178.128.135.204	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	3.236.169.56 3.236.169.56	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
11	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
7 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:feb5:e693:bc09:7eaf	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
177	66

5 2606:4700:3033::ac43:a868 (United States)

ASN13335 (CLOUDFLARENET, US)

auto.gemvpn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:da00:3:aed2:1700:21 (United States)

ASN16509 (AMAZON-02, US)

dfboipmnnah5o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-49.fra56.r.cloudfront.net

prod.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lgbtqnation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.222.236.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-15.fra56.r.cloudfront.net

abuwjaawap.cloudimg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.224.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

lgbtqnation-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

q-digital.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:fa00:1e:7118:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

geo.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:b800:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1078:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.166.210.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-210-191.us-west-2.compute.amazonaws.com

adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ea00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:9a00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.174.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-174-134.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.173.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-173-250.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

brightcombid.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-56.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:feb5:e693:bc09:7eaf (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	cloudimg.io abuwjaawap.cloudimg.io — Cisco Umbrella Rank: 220997	497 KB
25	lgbtqnation.com www.lgbtqnation.com — Cisco Umbrella Rank: 255039	232 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 460 eus.rubiconproject.com — Cisco Umbrella Rank: 577 token.rubiconproject.com — Cisco Umbrella Rank: 566 pixel.rubiconproject.com — Cisco Umbrella Rank: 318	15 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 ad.doubleclick.net — Cisco Umbrella Rank: 169 stats.g.doubleclick.net — Cisco Umbrella Rank: 74 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	164 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 385	34 KB
11	googlesyndication.com 2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	76 KB
10	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 287 aax.amazon-adsystem.com — Cisco Umbrella Rank: 381 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1035 s.amazon-adsystem.com — Cisco Umbrella Rank: 274	64 KB
9	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4909 api.omappapi.com — Cisco Umbrella Rank: 5128	32 KB
7	adspsp.com prod.adspsp.com — Cisco Umbrella Rank: 15958 geo.adspsp.com — Cisco Umbrella Rank: 63431 adspsp.com — Cisco Umbrella Rank: 14506	93 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3525 onesignal.com — Cisco Umbrella Rank: 1305 img.onesignal.com — Cisco Umbrella Rank: 7750	99 KB
5	gemvpn.xyz auto.gemvpn.xyz	62 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2587 www.google-analytics.com — Cisco Umbrella Rank: 30	22 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 211 acdn.adnxs.com — Cisco Umbrella Rank: 591	20 KB
4	gstatic.com fonts.gstatic.com	81 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	156 KB
3	33across.com ssc.33across.com — Cisco Umbrella Rank: 2491 ssc-cms.33across.com — Cisco Umbrella Rank: 1013	521 B
3	cloudfront.net dfboipmnnah5o.cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	67 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 241	741 B
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3736 adservice.google.co.uk — Cisco Umbrella Rank: 5744	939 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 638 script.hotjar.com — Cisco Umbrella Rank: 870	72 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1284	104 B
2	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 929	315 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 505 eb2.3lift.com — Cisco Umbrella Rank: 351	677 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1296 contextual.media.net — Cisco Umbrella Rank: 603	9 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 889	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1033 pixel.quantserve.com — Cisco Umbrella Rank: 799	9 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2608 p1.parsely.com — Cisco Umbrella Rank: 2013	22 KB
2	amazonaws.com lgbtqnation-assets.s3.amazonaws.com — Cisco Umbrella Rank: 496807 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 4984	15 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 347	866 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428	618 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	265 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	49 KB
1	marphezis.com brightcombid.marphezis.com — Cisco Umbrella Rank: 13176	172 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 608	388 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3719	530 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 920	643 B
1	btloader.com btloader.com — Cisco Umbrella Rank: 802	7 KB
1	videoplayerhub.com 1 redirects q-digital.videoplayerhub.com — Cisco Umbrella Rank: 314976	457 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
177	41

	Domain	Requested by
25	abuwjaawap.cloudimg.io	auto.gemvpn.xyz
25	www.lgbtqnation.com	auto.gemvpn.xyz www.lgbtqnation.com
11	js-agent.newrelic.com	auto.gemvpn.xyz
6	api.omappapi.com	auto.gemvpn.xyz
6	securepubads.g.doubleclick.net	auto.gemvpn.xyz securepubads.g.doubleclick.net
5	pixel.rubiconproject.com	3 redirects
5	pagead2.googlesyndication.com	auto.gemvpn.xyz tpc.googlesyndication.com
5	tpc.googlesyndication.com	dfboipmnnah5o.cloudfront.net auto.gemvpn.xyz
5	adspsp.com	auto.gemvpn.xyz
5	auto.gemvpn.xyz	auto.gemvpn.xyz
4	cm.g.doubleclick.net	2 redirects
4	token.rubiconproject.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	www.google-analytics.com	auto.gemvpn.xyz
3	onesignal.com	auto.gemvpn.xyz
3	www.googletagmanager.com	auto.gemvpn.xyz
3	ib.adnxs.com	auto.gemvpn.xyz acdn.adnxs.com
3	a.omappapi.com	auto.gemvpn.xyz
3	c.amazon-adsystem.com	auto.gemvpn.xyz
2	eus.rubiconproject.com	auto.gemvpn.xyz eus.rubiconproject.com
2	bam.nr-data.net	auto.gemvpn.xyz
2	www.google.com	auto.gemvpn.xyz
2	i.clean.gg	auto.gemvpn.xyz
2	ssc.33across.com	auto.gemvpn.xyz
2	btlr.sharethrough.com	auto.gemvpn.xyz
2	ad-delivery.net	auto.gemvpn.xyz
2	sb.scorecardresearch.com	auto.gemvpn.xyz
2	cdn.onesignal.com	auto.gemvpn.xyz
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org
1	eb2.3lift.com	auto.gemvpn.xyz
1	acdn.adnxs.com	auto.gemvpn.xyz
1	contextual.media.net	auto.gemvpn.xyz
1	ssc-cms.33across.com	auto.gemvpn.xyz
1	www.googletagservices.com	dfboipmnnah5o.cloudfront.net
1	2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com	auto.gemvpn.xyz
1	adservice.google.com	auto.gemvpn.xyz
1	adservice.google.co.uk	auto.gemvpn.xyz
1	www.google.co.uk	auto.gemvpn.xyz
1	img.onesignal.com	auto.gemvpn.xyz
1	stats.g.doubleclick.net	auto.gemvpn.xyz
1	script.hotjar.com	auto.gemvpn.xyz
1	sqs.us-east-1.amazonaws.com	auto.gemvpn.xyz
1	static.hotjar.com	auto.gemvpn.xyz
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.quantserve.com	auto.gemvpn.xyz
1	brightcombid.marphezis.com	auto.gemvpn.xyz
1	tlx.3lift.com	auto.gemvpn.xyz
1	ap.lijit.com	auto.gemvpn.xyz
1	fastlane.rubiconproject.com	auto.gemvpn.xyz
1	prebid.media.net	auto.gemvpn.xyz
1	hb-api.omnitagjs.com	auto.gemvpn.xyz
1	p1.parsely.com	auto.gemvpn.xyz
1	aax.amazon-adsystem.com	auto.gemvpn.xyz
1	d15kdpgjg3unno.cloudfront.net	auto.gemvpn.xyz
1	rules.quantcount.com	auto.gemvpn.xyz
1	ad.doubleclick.net	auto.gemvpn.xyz
1	secure.quantserve.com	auto.gemvpn.xyz
1	dyv1bugovvq1g.cloudfront.net	auto.gemvpn.xyz
1	geo.adspsp.com	auto.gemvpn.xyz
1	cdn.parsely.com	auto.gemvpn.xyz
1	btloader.com	auto.gemvpn.xyz
1	q-digital.videoplayerhub.com	1 redirects
1	lgbtqnation-assets.s3.amazonaws.com	auto.gemvpn.xyz
1	fonts.googleapis.com	auto.gemvpn.xyz
1	prod.adspsp.com	auto.gemvpn.xyz
1	dfboipmnnah5o.cloudfront.net	auto.gemvpn.xyz
177	70

This site contains links to these domains. Also see Links.

Domain
www.lgbtqnation.com
app.monstercampaigns.com
twitter.com
facebook.com
instagram.com
www.queerty.com
www.intomore.com
www.twitter.com
linktr.ee
www.youtube.com
www.gaycities.com
intomore.com
www.q.digital

Subject Issuer	Validity	Valid
gemvpn.xyz E1	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
prod.adspsp.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-16`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.cloudimg.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-23` - `2023-05-31`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
geo.adspsp.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-19`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
a.omappapi.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
adspsp.com Amazon RSA 2048 M02	`2023-02-10` - `2024-01-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
ssc.33across.com GTS CA 1D4	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.marphezis.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-03` - `2024-01-03`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://auto.gemvpn.xyz/
Frame ID: B3552A5CC2EDD2AAA9B4AD9BAE2EFE45
Requests: 148 HTTP requests in this frame

Frame: https://2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C893E033D82D242B04765122242CAC7A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLXsEHCLghHPN3XFUC463HJzzXS6TF2Onz0nJkeMG4ODaAMr3L7rI-JfCo7WEgMUzBucwrXTTB-Bpz7AiNtPzrjdPyzlMlnypkEMt_hB4pZrx3pSv87NMTQIju0oGWl4hQ0TRjpBvaXbQPGA1Kt5dFMWyuGd97VJufhYWPDgEQWZmDnHWWBQHRXYSu-u40g8yM3tzQw_IcX8rgNARHIsFA1ciG8ydlZHOJsWtjDI-UFYa5Rpm74AzftkWYCvveGKh0l5FiXTFkPhXbHyKlxZzSvN8htIM9OeiQIvBFRd9Cra1_5Nr2FcqxNQ1hwPyFyKvR30o&sai=AMfl-YSe_H7mBiV1R8eEs2Kq6mRH56mLFJ8gQQ311BMUuC1pBeXqXhHpV77rD0BnhBT5kWs5nya1a-iHS0swpOtH_ARbotvnl3OQd9xIgt5ZJ04&sig=Cg0ArKJSzHHDUoGDOfIzEAE&uach_m=[UACH]&adurl=
Frame ID: DBCEE5CAEDD70B5BC7DC42D0A3149583
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AEF52AE57A1735EFCFED3AFBCCBE44C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B29CD3AF44E096F187D9E3FDF8CBBC8
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dWBJy2QKOr6jjQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: D7A284CE794957ED7030E21A5D0D7B06
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU6A725L&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1EF60C16F7551B6AAC84D4FD20E8485F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E3F0BD5C7EB85BF535DB7DCBF1C52D05
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0345AA8748FFCB9CC44F6A10DEF8FF52
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0665B443D60CEA3F0F8C0463B209BCEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LGBTQ Nation - The Most Followed LGBTQ News Source

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

177
Requests

95 %
HTTPS

48 %
IPv6

41
Domains

70
Subdomains

66
IPs

6
Countries

1903 kB
Transfer

4556 kB
Size

37
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lgbtqnation.com/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/life/
Title: Life

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/politics/
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/bias-watch/
Title: Bias Watch

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/commentary/
Title: Commentary

Search URL Search Domain Scan URL

URL: https://app.monstercampaigns.com/c/qun2nne3a2xz7mclcnpb/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://twitter.com/lgbtqnation

Search URL Search Domain Scan URL

URL: https://facebook.com/lgbtqnation

Search URL Search Domain Scan URL

URL: https://instagram.com/lgbtqnation

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/zooey-zephyr-hugs-her-colleagues-as-she-returns-to-the-montana-house-floor/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/copenhagens-mayor-calls-out-tiny-california-towns-hostile-pride-debate/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/7-lgbtq-athletes-who-came-out-changed-the-game/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/families-of-trans-youth-sue-oklahoma-over-its-new-gender-affirming-healthcare-ban/
Title: Families of trans youth sue Oklahoma over its new gender-affirming healthcare ban

Search URL Search Domain Scan URL

URL: https://www.queerty.com/florida-woman-declared-a-local-hero-for-throwing-a-drink-in-matt-gaetzs-face-at-a-wine-festival-20230503?utm_source=lgbtqnation&utm_medium=directlink&utm_campaign=directlink&utm_content=Florida+woman+declared+a+national+hero+for+throwing+a+drink+in+Matt+Gaetz%E2%80%99s+face+at+a+wine+festival
Title: Florida woman declared a national hero for throwing a drink in Matt Gaetz’s face at a wine festival

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/j-harrison-ghee-alex-newell-make-history-as-first-nonbinary-actors-nominated-for-tony/
Title: J. Harrison Ghee & Alex Newell make history as first nonbinary actors nominated for Tony

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/2-men-joined-lesbian-dating-app-to-shame-trans-women-but-they-just-ended-up-shaming-each-other/
Title: 2 men joined lesbian dating app to shame trans women but they just ended up shaming each other

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/cops-told-hayley-kiyoko-she-couldnt-have-drag-queens-in-her-show-she-brought-them-onstage-anyway/
Title: Cops told Hayley Kiyoko she couldn’t have drag queens in her show. She brought them onstage anyway.

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/anti-lgbtq-trump-lawyer-whines-as-fellow-magas-turn-on-her-with-misogynist-insults/
Title: Anti-LGBTQ+ Trump lawyer whines as fellow MAGAs turn on her with misogynist insults

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/dylan-mulvaney-tells-rosie-odonnell-its-time-for-lgbtq-people-to-step-up-for-trans-people/
Title: Dylan Mulvaney tells Rosie O’Donnell it’s time for LGBTQ+ people to “step up” for trans people

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/wisconsins-out-sen-tammy-baldwin-announces-reelection-campaign/
Title: Wisconsin’s out Sen. Tammy Baldwin announces reelection campaign

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/whiney-marco-rubio-says-a-dylan-mulvaney-instagram-video-will-end-the-global-balance-of-power/
Title: Whiney Marco Rubio says a Dylan Mulvaney Instagram video will end the global balance of power

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/north-dakota-governor-signs-trans-sports-bans-after-vetoing-them-in-past-years/
Title: North Dakota governor signs trans sports bans after vetoing them in past years

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/usa/
Title: News (USA)

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/missouri-gop-votes-to-slash-state-library-funding-over-lgbtq-books/
Title: Missouri GOP votes to slash state library funding over LGBTQ+ books

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/whose-egg-is-it-anyway-what-not-to-ask-a-queer-parent/
Title: Whose egg is it anyway? What not to ask a queer parent.

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/rightwingers-are-now-boycotting-jack-daniels-over-an-lgbtq-campaign-from-2-years-ago/
Title: Rightwingers are now boycotting Jack Daniel’s over an LGBTQ+ campaign from 2 years ago

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/anti-trans-trolls-attempted-to-swat-zooey-zephyr-girlfriend-erin-reed/
Title: Anti-trans trolls attempted to “swat” Zooey Zephyr & girlfriend Erin Reed

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/wanda-sykes-joel-kim-booster-lilly-wachowski-other-lgbtq-stars-support-writers-strike/
Title: Wanda Sykes, Joel Kim Booster, Lilly Wachowski, other LGBTQ+ stars support writers’ strike

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/gop-congresswoman-snaps-at-conservative-who-accused-her-of-supporting-trans-people-by-wearing-a-tux/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/cops-tackle-protestors-after-gop-orders-removal-of-trans-rights-activists-from-texas-house/
Title: Cops tackle protestors after GOP orders removal of trans rights activists from Texas House

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/florida-lawmaker-admits-republicans-hate-lgbtq-people/
Title: Florida lawmaker admits Republicans hate LGBTQ+ people

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/karine-jean-pierre-scolds-fox-reporter-for-his-dramatics-at-press-briefing/
Title: Karine Jean-Pierre scolds Fox reporter for his “dramatics” at press briefing

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/gop-governor-rejects-funding-for-pbs-because-clifford-the-dog-indoctrinates-kids/
Title: GOP governor rejects funding for PBS because Clifford the dog “indoctrinates” kids

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/anti-lgbtq-pundit-accused-of-abusing-wife-exposing-genitals-to-coworkers/
Title: Anti-LGBTQ+ pundit accused of abusing wife & exposing genitals to coworkers

Search URL Search Domain Scan URL

URL: https://www.intomore.com/culture/trailblazer-cece-telfer-knows-trans-girls-belong-in-sports/?utm_source=lgbtqnation&utm_medium=directlink&utm_campaign=directlink&utm_content=Trailblazer+CeC%C3%A9+Telfer+knows+trans+girls+belong+in+sports
Title: Trailblazer CeCé Telfer knows trans girls belong in sports

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/what-does-the-bible-say-about-transgender-people-an-in-depth-look/
Title: What does the Bible say about transgender people: An in-depth look

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/prime/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/the-benefits-and-dangers-of-viagra-might-be-greater-than-you-think/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/how-to-win-the-battle-with-erectile-dysfunction-part-1/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/04/by-the-numbers-boomers-are-retiring-in-the-millions-and-the-healthcare-costs-will-be-staggering/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/03/this-new-popular-housing-choice-could-be-right-for-you/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/rachel-maddow-connects-ugandas-kill-the-gays-bill-to-arizona-christians/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/world/
Title: News (World)

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/anti-lgbtq-legislation-is-making-66-of-queer-youth-more-anxious-suicidal/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/2023/05/dwyane-wade-gabrielle-union-heckled-by-transphobes-why-did-you-mutilate-your-son/

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/page/2/
Title: 2

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/page/3/
Title: 3

Search URL Search Domain Scan URL

URL: https://www.lgbtqnation.com/page/1892/
Title: 1,892

Search URL Search Domain Scan URL

URL: https://www.twitter.com/lgbtqnation
Title: Twitter168K+ followers

Search URL Search Domain Scan URL

URL: https://linktr.ee/lgbtqnationpodcast
Title: podcastApple, Spotify, Stitcher and more

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/lgbtqnation
Title: Youtube2K+ subscribers

Search URL Search Domain Scan URL

URL: https://www.gaycities.com/
Title: GayCities

Search URL Search Domain Scan URL

URL: https://www.queerty.com/
Title: Queerty

Search URL Search Domain Scan URL

URL: https://intomore.com/
Title: INTO

Search URL Search Domain Scan URL

URL: https://www.q.digital/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://q-digital.videoplayerhub.com/galleryplayer.js?ver=20210324 HTTP 301
https://btloader.com/tag?h=q-digital&upapi=true

Request Chain 165

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjE2ODRhNzNkMDI2NTVlMzkyNTI1MTFhNDcyODY5ZDgwYjM1YzVmZg

Request Chain 167

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg4OUVNNVMtMUItMU1EUw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMEuadWqdq2CYyT54c3UBJk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg4OUVNNVMtMUItMU1EUw==&google_push=

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJgLlbiy7PbF0CCl2kER6rg&google_cver=1

Request Chain 169

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=daILyvFyScOJcnZiH7oOCg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=daILyvFyScOJcnZiH7oOCg

Request Chain 170

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/9yJeJldy1ivpD2mkmwTf8sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LRhRTMhE2oKgxtzNAtlWJvIzCGbp7N_Gi.yT7w--~A

Request Chain 171

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH89EM5S-1B-1MDS

Request Chain 172

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wlW3JyMbSn6FZ8pRBqGKrg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wlW3JyMbSn6FZ8pRBqGKrg

177 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auto.gemvpn.xyz/ 209 KB
49 KB 121ms
67ms Document
text/html 2606:4700:3033::ac43:a868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1057e4f354e87601afb0d654f43d5305be92b50116d5bbfcd35e47f26024bdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload max-age=31622400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7c1be069ec619a05-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 22:17:53 GMT
link: <https://www.lgbtqnation.com/wp-json/>; rel="https://api.w.org/" <https://lgbtq.to/41Y8KdM>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=(self "https://www.lgbtqnation.com"), microphone=(), camera=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQbpXXG3sfZUxwj9HszY5eTJpNaWySjh5%2BblLZZgEUTfJ5TowMVn1j39Ua5FONfT%2FYr8AlcuiTyqaGjPqY%2F94u7f2cc2xiQWQK7xwgKNQVsBOeX3LDKPY9kqPWVFNdtMU7PEKUoq6ElMNsqWk1EEpP09"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536001; includeSubDomains; preload max-age=31622400
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 6, 5
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-crpjc
x-served-by: cache-chi-kigq8000155-CHI, cache-fra-eddf8230024-FRA
x-styx-req-id: 4b0b2efd-e9ff-11ed-a37c-d2ed9f824b70
x-timer: S1683152273.992902,VS0,VE0
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
dfboipmnnah5o.cloudfront.net/ 124 KB
43 KB 50ms
9ms Script
application/javascript 2600:9000:20eb:da00:3:aed2:1700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfboipmnnah5o.cloudfront.net/script.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:da00:3:aed2:1700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73d16488d186dafad0d8dffc5f86b94e0c35d413be4b1741bc3df9242740c170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: lvA_3mC1JLsSODg2hEbzKczXFSCx7wvd
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
date: Wed, 03 May 2023 22:16:02 GMT
last-modified: Wed, 03 May 2023 18:27:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 112
x-amz-server-side-encryption: AES256
etag: W/"d91389593c2e26f12865008f06664f88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: vmJzpRBA8I0MIWYFEfW7qdHaRxtVTxJQ1kReyE4D1HDQW6T-YMk0tg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 76ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32a7301ef69acc2e8bb32e2a831ab0d20cf143e7dadc8a32cb646d3adfc947ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24815
x-xss-protection: 0
server: cafe
etag: 698 / 19480 / m202305010101 / config-hash: 4027723343301255587
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H/1.1 200
OK adb.2634970.min.js Show response
prod.adspsp.com/ 284 KB
92 KB 47ms
8ms Script
text/javascript 13.32.27.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.2634970.min.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 802c95f9cbdcf9e286b3cbf423448376fe90991e1a7ea6305049991fc566a13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 21:36:07 GMT
Content-Encoding: gzip
Via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 May 2023 21:34:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 70314
x-amz-server-side-encryption: AES256
ETag: W/"dbd8a4e2670a29587c3ba8d0e3915674"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: m4TAjx-Vd_Xtsok1Ja_vADPvnHgE571Z1ZsvKY_YdnO7nX13slooCA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 227 KB
56 KB 48ms
6ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:03:49 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 19:15:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 845
x-amz-server-side-encryption: AES256
etag: W/"e301ce991ef543783521cd0156a962ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: i28nQAcfHELFzhdmgbDOyB2xu7jDg-SYqBQdqMUuA3_aYwQWYAH8oA==

GET
H2 200 style.min.css
www.lgbtqnation.com/wp/wp-includes/css/dist/block-library/ 93 KB
13 KB 70ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-774wk
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100134-CHI, cache-fra-eddf8230055-FRA
last-modified: Tue, 02 May 2023 17:05:28 GMT
server: cloudflare
x-timer: S1683152273.088665,VS0,VE1
etag: W/"645142d8-172a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13dZcBNPq1trvwAslaqeKDOeOQAgH07HAErpNUXsjU9jZgLNX9CDpdu8Dgjw1RNyU4ONGjr0%2BgYcRuxbsa1A%2BkrAzykG1m42bgkWwLhvSsaqDl4J8x9SLSsABPabmX5xzLFWkPS8fNxrr%2FuxFa445wpc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 501767dc-e90c-11ed-a69b-266b36fadd0e
cache-control: max-age=31622400
cf-ray: 7c1be06aaaad2c3a-FRA
x-cache-hits: 15, 1

GET
H2 200 classic-themes.min.css
www.lgbtqnation.com/wp/wp-includes/css/ 217 B
919 B 53ms
14ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-zhff9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000058-CHI, cache-fra-eddf8230119-FRA
last-modified: Tue, 02 May 2023 17:05:28 GMT
server: cloudflare
x-timer: S1683050294.155240,VS0,VE1
etag: W/"645142d8-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir6cft3ba2ZRyOlggesUOF3YUDyESfYWXUZ%2F7TzfvlFexVPfWBEkFNyF%2Bh54Dj%2F7rId66tXlFzxFnC4GqmgiNs2rWZSWur2rHHtg6qzoZDgwbdVbWopIvrxzoW3rFDrwwHIgtnE1XSW4r8jVu9Tvt90R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 50189f3f-e90c-11ed-a548-7a8434a2fe44
cache-control: max-age=31622400
cf-ray: 7c1be06aaaae2c3a-FRA
x-cache-hits: 17, 1

GET
H2 200 frontend.css
www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/frontend/css/ 23 KB
5 KB 53ms
15ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/frontend/css/frontend.css?ver=1.2.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

747a3bba65f5fa699a05b34f7d60088ed3c5748004e2a8e43b1bf7778a130281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 22:24:57 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84220
cf-polished: origSize=33126
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 18, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100123-CHI, cache-fra-eddf8230053-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 22:23:41 GMT
server: cloudflare
x-timer: S1683068053.345291,VS0,VE2
etag: W/"64518d6d-8166"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY4oqPaEVa%2FcMHBG%2FBDCM4BVqAPn82KI5X6814aezCFOkT74eMk8dL1uuEVnXN9pYrXz2AzNuWmGoS01TB8NcgvwpW6VwHuzMObn%2Fr0RArFyCXWnT9l3fnXDqCXONJj%2BuwED9hTxHloLTzwtBtCzdQWo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 2b9a8abe-e938-11ed-a139-fa0d7fa6cc3c
cache-control: max-age=31622400
cf-ray: 7c1be06aaaaf2c3a-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5kdf8

GET
H2 200 widget-leaderboard.css
www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/frontend/css/ 1 KB
796 B 52ms
15ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/frontend/css/widget-leaderboard.css?ver=1.2.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d59782968fe887a66eb653b45b9162a2c44dcd407152c68657bbb54d38d272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 22:24:57 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84220
cf-polished: origSize=1295
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 19, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000127-CHI, cache-fra-eddf8230033-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 22:23:41 GMT
server: cloudflare
x-timer: S1683068053.343318,VS0,VE1
etag: W/"64518d6d-50f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FW0fCj%2BusapdB3LV7XbJF8aK%2FSy%2B30ZeJC8g3D1YOUqXs9xKEZLAS86Ow8RwxCNYU80obhPtU0D5c09ja6zDP6HCYyjXvvAUQXESXPn0hKdger0S1Aokpipl%2BXj%2FfPY%2BSGIqkVm52j8xlL2U9Rrru2Z"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 2b9c39de-e938-11ed-a37c-d2ed9f824b70
cache-control: max-age=31622400
cf-ray: 7c1be06aaab02c3a-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-crpjc

GET
H2 200 animations.css
www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/vendors/animations/ 17 KB
3 KB 54ms
17ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/vendors/animations/animations.css?ver=1.2.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75000e96e6f6234ea2ae0454bc85b2f9796829b7191ba1cab893522f6c776062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 22:24:57 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84220
cf-polished: origSize=27883
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 17, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000035-CHI, cache-fra-eddf8230061-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 22:23:41 GMT
server: cloudflare
x-timer: S1683068053.343338,VS0,VE1
etag: W/"64518d6d-6ceb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiuEiGncwRry%2BE15%2F32OKxqT%2FUelSO6ET1HOyO3DTmMDtyi%2FfDMh2iGqnLHGI1stXWdWa66eHO%2Byl5KwROMWlm3GJ7IDK9bfJk9nbjwM%2Bw%2F7QQyzBjrBwandWzIPDUOzF98Ci3WZyFIGwpChwINVg2Jj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 2b99e666-e938-11ed-8145-2ecbc81e1adc
cache-control: max-age=31622400
cf-ray: 7c1be06aaab12c3a-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-nk5mx

GET
H2 200 cookie-law-info-public.css
www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 3 KB
1 KB 53ms
16ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e74df990fc2870bec563c9c8f7e343dcda30fd8e4689aeeab5e82b060d714d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
cf-polished: origSize=3967
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 17, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000071-CHI, cache-fra-eddf8230022-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683050294.144484,VS0,VE3
etag: W/"645142d6-f7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTXIA9X4Pj2zT8MbYjQayUMJv1BumtK%2Ffdtwr3t6pxhmGmDWET%2ByarmrK8OUy6QKB9evJ%2FInLrKNv4GiWux8cmMO0upT0KXDsvWSXKsc4zjXj%2FGjjH7W59Vo3B%2BvG9H1h45vImLCE4OVWgeQQxY2jlA%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 5018b372-e90c-11ed-a548-7a8434a2fe44
cache-control: max-age=31622400
cf-ray: 7c1be06aaab22c3a-FRA
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-zhff9

GET
H2 200 cookie-law-info-gdpr.css
www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 17 KB
4 KB 53ms
16ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b0bdf59b1ce2c43507c42dfc11f73185ab3b04717399db2544c458df3c1dfd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
cf-polished: origSize=22265
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 16, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000023-CHI, cache-fra-eddf8230029-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:27 GMT
server: cloudflare
x-timer: S1683050294.157989,VS0,VE2
etag: W/"645142d7-56f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShB6OXEME%2F9uTyZyutPdEoGKIeQ3PsXWKIEPmWDDw%2FHMhNzXfNi4kPz9gG0B97yXdqHCeQj4QR%2Bj%2F%2BkqNEJ5zyamKRfP93%2FcFa99H06AF%2FZlR%2FEl%2BcYLRVvZwTTIDULhm7qoPySbA2UIHLDXDWPpnc4P"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 50175f2a-e90c-11ed-9251-d60409dc0553
cache-control: max-age=31622400
cf-ray: 7c1be06abab52c3a-FRA
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-m7g5m

GET
H2 200 vendors.css
www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/ 116 KB
21 KB 55ms
19ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/vendors.css?ver=v20220309a

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4074606040c859be816705f57d552c550b252f1f05513ed7fe931e8d2903080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
cf-polished: origSize=171005
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 15, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100039-CHI, cache-fra-eddf8230052-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:27 GMT
server: cloudflare
x-timer: S1683050294.157463,VS0,VE13
etag: W/"645142d7-29bfd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUZSsKXnPk%2Bjbm%2FTwUTmMj8V2Mk%2Bp8ZG8qduttYZYs5EuAi%2BF7lhgIr9mRiDZykvE846Hq98n0oi%2FQoM2eejWDLGD%2BIYRxIB44gDOCIfKfoq5EzigcGlkueHvbpMRT2MlOgtDNfZ%2FLtq5GqlCkHjbQVq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 501a8105-e90c-11ed-8d30-9a8294422577
cache-control: max-age=31622400
cf-ray: 7c1be06aaab42c3a-FRA
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-pqhqh

GET
H2 200 main.css
www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/ 94 KB
19 KB 59ms
23ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/main.css?ver=1683122433

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e78e055b18557a9102461c4f4ea15a43995d5dd8f3d12e169adaf1f3f77868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Fri, 03 May 2024 14:00:42 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23196
cf-polished: origSize=96229
content-encoding: br
x-cache: MISS, HIT
x-cache-hits: 0, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000165-CHI, cache-fra-eddf8230048-FRA
cf-bgj: minify
last-modified: Wed, 03 May 2023 14:00:29 GMT
server: cloudflare
x-timer: S1683129078.638561,VS0,VE2
etag: W/"645268fd-177e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd1GuEfcTzIW5obcpMiPEI3WY0xI2k38Bp9usJbq4FapbBR8PsSzbAADJ5ZMAdog3lmBi2lIdx0odMtKfBB63P%2FApyIbHg5g8haUr7z%2FH1sg%2BBw5L35ZhDOqod5W8RoYkf2bUBO4HML4TsYtN%2F%2FrcIlS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: e37dc26f-e9ba-11ed-b29b-3674233cca68
cache-control: max-age=31622400
cf-ray: 7c1be06aaab32c3a-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5chg9

GET
H2 200 frontend-gtag.min.js Show response
www.lgbtqnation.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
4 KB 52ms
17ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.14.1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-pqhqh
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100068-CHI, cache-fra-eddf8230116-FRA
last-modified: Tue, 02 May 2023 17:05:25 GMT
server: cloudflare
x-timer: S1683050294.306060,VS0,VE2
etag: W/"645142d5-2e7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElGI%2Ba%2BMSONIiPSquYKwT89UBz%2F6KQKGJUWNKHDNgiP08%2BcbRpSMO3JYTSzDpe6R%2FrzMbm9Lb4O72wRquTWF5uLwcNQM9JqRJzYv%2FUdfmOfYmuz2MvR3BHyifAy56wzgZ%2F6Lab8MUcZGG%2B3bxkh89uJV"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 50193603-e90c-11ed-8d30-9a8294422577
cache-control: max-age=31622400
cf-ray: 7c1be06abab62c3a-FRA
x-cache-hits: 13, 1

GET
H2 200 jquery.min.js Show response
www.lgbtqnation.com/wp/wp-includes/js/jquery/ 88 KB
32 KB 58ms
23ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-pqhqh
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100067-CHI, cache-fra-eddf8230045-FRA
last-modified: Tue, 02 May 2023 17:05:28 GMT
server: cloudflare
x-timer: S1683050294.302470,VS0,VE2
etag: W/"645142d8-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld2SPI0SK7AatGBd0qPg2LL8Igh61imgrhPfVJNbMtaTcGwtgPn4UIfAthqNyoke%2FMpbbGYYVc9qRtTUvI9ypsf7OCuulsmaCZASDqYWtaORtpUlQEVVSZvdR1ShD0x5h4gv9ea0t1yNoo6S26iJRSiI"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 501a0667-e90c-11ed-8d30-9a8294422577
cache-control: max-age=31622400
cf-ray: 7c1be06abab92c3a-FRA
x-cache-hits: 17, 1

GET
H2 200 jquery-migrate.min.js Show response
www.lgbtqnation.com/wp/wp-includes/js/jquery/ 11 KB
5 KB 57ms
22ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-m7g5m
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100059-CHI, cache-fra-eddf8230040-FRA
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683050294.318336,VS0,VE2
etag: W/"645142d6-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FT654Ct35ek%2FbkA58jq4bjIggtclq49R%2FwcVAPlNTmWkhE6I9bqzRxs%2FsczSD1MkNbdHsiMsURe%2BnA9Y2ZWx01%2F8jyl%2Bjb0TX5xyUmwILgueVhe9d2mWhNVYTBt5cpXz0yu5JW8SmzV%2FviYXbfztA%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 50199c4e-e90c-11ed-9251-d60409dc0553
cache-control: max-age=31622400
cf-ray: 7c1be06abab82c3a-FRA
x-cache-hits: 16, 1

GET
H2 200 cookie-law-info-public.js Show response
www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 39 KB
10 KB 18ms
16ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51aaa102a38e781229d7ccf4572538d580f51d9edb2c59fdd94875f0a0c4d322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
cf-polished: origSize=50720
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 17, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100043-CHI, cache-fra-eddf8230115-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683050294.314449,VS0,VE2
etag: W/"645142d6-c620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZB4wIelDVD6tb3LtK2otlDyd9AdclreI882xpWJ%2FwcYmy54eTzREL%2BR%2FjLVIVDI1sq9vPQqjRtIDziPctHhxDDf25Y%2FFRkdiyT54wgJ9txIzYK%2FH3FHGpQRCm61bb41QQlWYGMWG%2BqWx25LEKPzQvuqT"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 501efc6a-e90c-11ed-a548-7a8434a2fe44
cache-control: max-age=31622400
cf-ray: 7c1be06acaca2c3a-FRA
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-zhff9

GET
H2 200 cookie-law-info-ccpa.js Show response
www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/admin/modules/ccpa/assets/js/ 6 KB
2 KB 16ms
14ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js?ver=2.3.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb98e186ac26f3c45bf690ff488f9d1d73de6b0d973afccc2228e462f7951bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
cf-polished: origSize=8502
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 7, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100139-CHI, cache-fra-eddf8230117-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:27 GMT
server: cloudflare
x-timer: S1683050294.318808,VS0,VE2
etag: W/"645142d7-2136"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNuJOSgwmOplSmBe45UorxmVUb6zBdgMBkrxvjnRBUp%2BoTc%2Bsglczio4%2F2%2Fe43ANjZl1n7T%2BQoQ6iOw%2FEUcQkFB53crm5gkTpSHPXiNH3B9iuLvdxwkXYRGSUEmbhzSXpVSDJ0pF3DjI8UXkG4B2oaob"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 501a9ddb-e90c-11ed-a69b-266b36fadd0e
cache-control: max-age=31622400
cf-ray: 7c1be06acacc2c3a-FRA
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-774wk

GET
H2 200 main.js Show response
www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/scripts/ 7 KB
3 KB 15ms
13ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/scripts/main.js?ver=v20220725a

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c5c88c6307b95428f2b8c752ef81f522d04390378cb8967db0a5f1834aac69d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101979
cf-polished: origSize=8364
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 17, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000105-CHI, cache-fra-eddf8230078-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:23 GMT
server: cloudflare
x-timer: S1683050294.305700,VS0,VE24
etag: W/"645142d3-20ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgBgptfFyAHZKtA%2FboLkG%2BT1LGrVgZr7p%2FFdhho97f1fqMI28QlRrA8YTtz2tphCXciyqAIdYE4Ps%2FXFjmKlIA3M7G3XjW2rDFEWE4UNsG7DQHl3cv6WseDfY8g8unPR7xmROwBNQ5ENzNcTPYKFzbSQ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 50198035-e90c-11ed-a37c-d2ed9f824b70
cache-control: max-age=31622400
cf-ray: 7c1be06adacd2c3a-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-crpjc

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d0cecd5e0748660f3aeea01981c4ee5e5150558a2281c0d5e5c3c3877eebd3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 22:17:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H2 200 lgbtq-nation-logo.svg
auto.gemvpn.xyz/images/logos/ 5 KB
3 KB 90ms
85ms Image
image/svg+xml 2606:4700:3033::ac43:a868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto.gemvpn.xyz/images/logos/lgbtq-nation-logo.svg

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b2a4ee2647a0ba753cef06d89128cb59585e2422c85cc585b313efcce1dbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:00 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-774wk
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000159-CHI, cache-fra-eddf8230090-FRA
last-modified: Tue, 02 May 2023 17:05:23 GMT
server: cloudflare
x-timer: S1683048373.272011,VS0,VE1
etag: W/"645142d3-143d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TBk26e4TryWKa34WWqhBIEEd8J%2FpyDk3crtPicbQvjoFwZtuVVx617%2Bobs3qiXRcPHJSyEdKGbzeUbu3fSrPf5rvvpkDn5XtsF%2B%2F40aZc22j6T1XDO3YJpnbfBp%2FpLriPkQcy0UyVH8faYP%2FlxfvraR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4ffae670-e90c-11ed-a69b-266b36fadd0e
cache-control: max-age=31622400
cf-ray: 7c1be06badaa9a05-FRA
x-cache-hits: 16, 1

GET
H2 200 lgbtq-nation-logo-stacked.svg
auto.gemvpn.xyz/images/logos/ 5 KB
2 KB 69ms
64ms Image
image/svg+xml 2606:4700:3033::ac43:a868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto.gemvpn.xyz/images/logos/lgbtq-nation-logo-stacked.svg

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505799011939a803e0c6fb372c5b0ed517e7c41f88275dfec40e42322b62a7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5kdf8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100179-CHI, cache-fra-eddf8230035-FRA
last-modified: Tue, 02 May 2023 17:05:23 GMT
server: cloudflare
x-timer: S1683048507.304311,VS0,VE3
etag: W/"645142d3-1461"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7PUSZxVDFkSXr1uR6kbqrQM%2FAt6QC%2BL8UgwTcRb56GH33O6%2BIwa3WBBmSxztjtg0oeH19iG8u%2FvmeJDA30jjZExBfYRfLFqw4dbitOrYOC5mMAI8sJ8w64Y56lDeHGF3Nbp%2B%2FtQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 50126857-e90c-11ed-a139-fa0d7fa6cc3c
cache-control: max-age=31622400
cf-ray: 7c1be06badab9a05-FRA
x-cache-hits: 16, 1

GET
H2 200 zooey-zephyr-1.png
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/ 20 KB
21 KB 61ms
7ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/zooey-zephyr-1.png?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=1200&h=600

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

2a2d07fabd119cc7e447abf4e4388c83bc295cd956480cea99ad3de61287cd15

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 13:04:41 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 551592
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 20562
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 161575s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_009_20230427130441_85a69_R0iR#600z
etag: "5cef808947f88fa58c3f6e7ef742e3d0"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: Pab0mgBxyXz6srtVMWHB_5loRdfskwUUJxhAWABtoySl1GjYE_SZqw==

GET
H2 200 shutterstock-106732691.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 30 KB
31 KB 64ms
10ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/shutterstock-106732691.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=524&h=220

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

af737ee5d9d71c2396304cc8f9b159e238fb2f6b49192db9378adeb5a249a1e9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 19:37:45 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 9608
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 31060
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 87940s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503193745_727ec_QPts#370z
etag: "d2dbdc5a6eb39943095fb88e2302f2c1"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: QZVK0eaWChp1PzfKkIAS4icNlbaMFVtCfQu7Nddz-2eeG-DfUn_xVw==

GET
H2 200 screenshot-2023-05-02-at-3.17.24-pm-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 15 KB
15 KB 67ms
13ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/screenshot-2023-05-02-at-3.17.24-pm-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=524&h=220

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

f2a8f1e1909fe26e2d507b01748c27a1c20bfec5301fbe30fb3f1e87f87c2a7a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:22:52 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 21301
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 14864
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 71046s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_009_20230503162252_fc738_7kmP#370z
etag: "812ac9f7c39f5d3c69435ee1e2ffe18b"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: WRs7RaPc0_3DUPiBFGRm8xB71x5Wnvw-rkf88PrrEeCf60M6-MDREg==

GET
H2 200 shutterstock_1433782895-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2022/03/ 27 KB
27 KB 67ms
14ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2022/03/shutterstock_1433782895-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=1000&h=624

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

171e358f6ae3926c731b24e04037707829bd2b4f4bbe2b9dac5eeed5a9eb3fdc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:11:43 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 370
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 27168
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 33104784s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503221143_ccfe4_JDqB#777z
etag: "17b2c32befc1319058168f76c43a878d"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: 32s8mXIr6wvqEVUAzuXwXeR1nSxmKED2BUlXkdtpQGCPP2PASYSJmQ==

GET
H2 200 Screenshot-2021-11-29-154837.png
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2021/11/ 35 KB
36 KB 69ms
16ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2021/11/Screenshot-2021-11-29-154837.png?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=1000&h=624

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

7c072d42d70e55e36649a611c71449fade8f374eb1378b60b320ff1f2372c302

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:38:26 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 20367
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 36234
x-xss-protection: 1
x-hexa-initwait: first_req, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_009_20230503163820_55b5e_qbwZ#777z320y330y
etag: "ac8373a7b85c1c0dfe98586cd1f3cb07"
x-resource-status: downloaded
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: A1R_w2_s1(webp)_w2_s2(png)_e(4)R
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: C3pubVcNSJxQVr_cenJsAtLnDvr5au_x77AkYJ8__-q7OnM7VbYFUQ==

GET
H2 200 hags-food-wine-glasses-12-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2022/10/ 35 KB
35 KB 70ms
17ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2022/10/hags-food-wine-glasses-12-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=1000&h=624

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

7b14f39501d672924b7aa33ee8619892cc29467109d35147520b9641564c0ad3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:00:30 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 4643
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 35460
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 5824s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503210030_79b28_2r7T#370z
etag: "8301556c25b7c618427188a2c2a8ce4c"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: 2gKof0U-0vDkKggecQBp_oE2WC5AobEwJmJ3c8KUPjuyT7J3drObjw==

GET
H/1.1 200
OK lgbtq-prime-logo.png
lgbtqnation-assets.s3.amazonaws.com/assets/2022/09/ 14 KB
14 KB 359ms
128ms Image
image/png 52.216.224.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lgbtqnation-assets.s3.amazonaws.com/assets/2022/09/lgbtq-prime-logo.png
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.224.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 71977ff12332da95182280f8d1de08bd64102999298c7b14bf1500c885a47ca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 22:17:54 GMT
Last-Modified: Wed, 21 Sep 2022 19:42:56 GMT
Server: AmazonS3
x-amz-request-id: VN85YMSJMH1MT466
ETag: "20e106366354dfddd058147bdbb03040"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 14293
x-amz-id-2: 2J82kWGxQbTpu3Y3za8l3YfAE0J5nV/yt304YDDae/aoLHmjAiMRntYdYaQ84OFeV4wXLOYScME=

GET
H2 200 shutterstock-1502273063-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/ 7 KB
8 KB 12ms
9ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/shutterstock-1502273063-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=370&h=205

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

fb27b39c4e5aa8be014a6a5437bb55ef383906b8bb28d5405d5254d10bcd96d7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 19:01:42 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 875771
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 7304
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 256870s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230423190142_146f4_QtzG#380z
etag: "c42ae228dd654f97e810f41518a04795"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: p1g3NoLiY_kb2cVqvD4a0Gtp7JRM0k8boafMaABRu4UfKrYyqkwSIg==

GET
H2 200 shutterstock-2050263041-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/ 12 KB
13 KB 12ms
9ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/shutterstock-2050263041-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=370&h=205

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

b3bc614d49c7aca41b773db1425a187f7b0ee3e431d5858d965a8ce73ef29821

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:06:53 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 1059060
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 12242
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 75477s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230421160653_6b966_It2k#600z
etag: "6d074a9b699bd930a46cf437a7ead362"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: PhCLg_zu8YhIRXFbp43UKH7Ms3wSa_2KTHpmrynQkXV89xWrplTVIA==

GET
H2 200 shutterstock-324599408.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/ 8 KB
9 KB 12ms
9ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/shutterstock-324599408.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=370&h=205

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

02fee94c1eba7afbec24a7937b3a43bc8a71ad0a90f13ffd7da10cd5f1786f3f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:01:11 GMT
x-hexa-sleepingtime: 0
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 2261802
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 8030
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 2851s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230407180111_2bf43_LNL5#330y
etag: "eb06601c6c71e493e3bc8219f3154d49"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
x-hexa-deeptrace: cA;sfr:58,lrq:resized_once;reliab
timing-allow-origin: *
x-amz-cf-id: GPKY_Gy0i7wsGfNq7O5IjMf80mFFR2skNMdMSq8jtDtdz7SZRV7o8w==
x-hexa-start: 2023-04-07 18:01:11.326500

GET
H2 200 adu-maggie-ben-betty-scaled-e1679533217121.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/03/ 16 KB
17 KB 13ms
10ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/03/adu-maggie-ben-betty-scaled-e1679533217121.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=370&h=205

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

602148a87fffbf043822bdc441ce5b709cb41db4e203be40ec381a1ebf29a8e0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:10:05 GMT
x-hexa-sleepingtime: 0
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 3553668
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 16562
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 65348s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230323191005_85360_oKHr#320y
etag: "d517cabd1979d19718553301793e6ba1"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: HXra-sqx9klArlMtp3ZzfmzBhT56ukXmHz2f_s0ab7CpA5KBuDomDw==

GET
H2 200 Screenshot-2021-11-29-154837.png
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2021/11/ 20 KB
20 KB 22ms
19ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2021/11/Screenshot-2021-11-29-154837.png?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

dcced8c57bb7b1624d7cc67afde6a78dfda2112b56ffddee38148aca180ce4b8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:39:57 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 20276
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 20002
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 33013019s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_009_20230503163957_ef446_CgmY#777z
etag: "c29e81c19c7bc578a3a863933e9a472d"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: wCTiBONmUPohs5d0xV21g6OOZBNQprwbgsW65UJdPLNtQlRo8fe_2Q==

GET
H2 200 screenshot-2023-05-02-at-3.17.24-pm-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 20 KB
21 KB 13ms
10ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/screenshot-2023-05-02-at-3.17.24-pm-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

d275cf281ca7b82e99a6ac994e58221479ea0eaf3777d64bcd103c90475d22e2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:01:39 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 22574
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 20902
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 69773s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503160139_2193b_rdUl#370z
etag: "584ab9f8176697ee6fdcda7848de995f"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: 0Fp1vK54QVb9l22l2qzDqrzJpmI_lqzirpP44FAbGAAhUQ-Ua1G_-A==

GET
H2 200 screenshot-2023-05-03-at-9.51.11-am.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 12 KB
13 KB 13ms
10ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/screenshot-2023-05-03-at-9.51.11-am.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

ead6a381eba40a9adfd275e8e76149eb403ca81d2dbf79e2126f5ea5bab553c3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 15:37:12 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 24041
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 12622
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 2658s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503153712_08892_IeZK#370z
etag: "d3cd579ddc26bd8d961de606ba41e16f"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: yIsj2SZj74fyQ9QDZUBjNC8x3dtLK9YhM8ELgCTkdjITo8wNgO-MwQ==

GET
H2 200 zooey-zephyr.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 7 KB
7 KB 13ms
10ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/zooey-zephyr.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

ac8d24bc675e652069a3dde9386e2b0bcd4cb4e7e733a12583f1a428bc72ed4f

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 15:14:37 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 25396
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 6666
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 870s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503151437_c7460_4vaz#777z
etag: "5ef2296f7c18455f290ecc6abbc9e56a"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: cZkniYcbSjn1V4F8haszcbVQYtJkEwpRG70S_vOvscPG3yNgH7jSjg==

GET
H2 200 jeff-holcomb-florida-hate-lgbtq.png
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 10 KB
11 KB 13ms
10ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/jeff-holcomb-florida-hate-lgbtq.png?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

9397b2b387738e9fe57a739486fa8738d5d9f4e64618bcbfc32b4a0704e4a0ed

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 14:05:53 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 29520
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 10434
x-xss-protection: 1
x-hexa-initwait: first_req, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230503140550_9cdc3_RRdu#380z
etag: "e92d5c49acb905d6ed26477b438bc674"
x-resource-status: downloaded
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: A1R_w2_s1(webp)_w2_s2(png)_e(4)R
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: iveloqIh1CBYqtWuhejfcMzklc3ZlMe70osItmHNOv-TZP88Y_8iaQ==

GET
H2 200 karinejeanpierre.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/ 19 KB
20 KB 14ms
11ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/karinejeanpierre.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

a850737601f3d30ad42147f68ef1ba63466ca56b816586366881d5d579551ecd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:12:24 GMT
x-hexa-sleepingtime: 0
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 2001929
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 19870
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 14100s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230410181224_eaefc_ejpK#320y
etag: "cf9c92eac56d14c014191e7968797bd6"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
x-hexa-deeptrace: cA;sfr:11798,lrq:resized_once;reliab
timing-allow-origin: *
x-amz-cf-id: iA-aB89diBE9Wop1MLRAw151uAYSbH_fARz9XTA7V4lXn7jnREqALA==
x-hexa-start: 2023-04-10 18:12:24.142700

GET
H2 200 steven-crowder-spouse-abuse-genitals.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 27 KB
27 KB 19ms
16ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/steven-crowder-spouse-abuse-genitals.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

f820748946db28779e63d24e41128bf58612ce7187463ae22f7dde5cc0755ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 12:07:52 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 36601
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 27238
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 465s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230503120752_e7ec6_V72g#370z
etag: "5751022615f0ef6132001cf1edf1a44d"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: BcrzbmCnT-UTck-sEMsbvqfDyXL00yax_EKqOy5uGJE-CX6jDYEdwQ==

GET
H2 200 shutterstock-7307896-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 43 KB
44 KB 18ms
15ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/shutterstock-7307896-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

a97229c9e958921d471be27b553f9b36b694b2c113802357baa400ac871d930b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 22:05:21 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 87152
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 43890
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 307s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230502220521_05612_4bBp#320y
etag: "fe88fa400992337deebb361727cfc739"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: Zea_K73HUt3Um7NX9_bk9h5YSS-CTTDIejln2RtMo16XjDZ_Tvs2hw==

GET
H2 200 cece-telfer.png
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 7 KB
8 KB 19ms
16ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/cece-telfer.png?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

0f4f7820fca74b7f87f72683e7a9a47d0a55bb6ec5eb72821e6048125a0fa2b1

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 21:01:12 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 91001
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 7620
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 4278s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230502210112_182e1_VgFf#370z
etag: "9942b94a658a1d10ced5d608b5dab1d3"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: Rtaai921XaBmjscVfZS7wTFh3mwwB3iazgnYO_3VnWAIbhXAQyykSg==

GET
H2 200 rachel-maddow.png
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2021/12/ 9 KB
9 KB 14ms
11ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2021/12/rachel-maddow.png?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

2ded5124597b6d194f60e23c9cbe44b9f150ff0695068581e1f477582b2ecf04

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 16:06:56 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 281457
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 8904
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 27326999s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230430160655_53240_iiF7#330y
etag: "b93a7345f9a73237d1cdf757f69e2358"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: 9zlS4JMwqd-89yKAfj_xIQiYBZQUVV4EnOQjFpeB0UjKIReS86JWJg==

GET
H2 200 shutterstock-714358801-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 21 KB
22 KB 20ms
17ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/shutterstock-714358801-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

4174e057be4e64a6ceda295202ffbfc9cae69ba3015568c6cdbdd200f642ec33

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:37:14 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 96039
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 21298
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 417s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_051_20230502193714_c545d_nJgS#777z
etag: "1a67a239df178d6f654afc8871502fa8"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: LH_mQyZqtzNvUWsPgbUDLdLFBnfq1sIxefIKhZvzEw2YgG8msw6x1w==

GET
H2 200 shutterstock-106732691.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 33 KB
34 KB 21ms
18ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/shutterstock-106732691.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

0a5c84fe649b14d96e13f821d43124e066af3a25facc7189737956f682c07721

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 19:06:57 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 97856
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 33564
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 212s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_002_20230502190657_8aa9c_JurS#380z
etag: "e72c85e208e902857b880381e053637c"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: cjsevZ3vsBXjqXZcGrZPYjXZbRNcImqtCwo8a_KmwIaMjFrZTTnbtA==

GET
H2 200 transgender-affirming-bible-verses-scaled.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/ 16 KB
17 KB 20ms
17ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/04/transgender-affirming-bible-verses-scaled.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

b6047eb3716ad9bd80022dd0c86875f17e10073f63bc84f6c3f299e1074c6f30

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:31:40 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 99973
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 16336
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 98650s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_009_20230502183140_7dabc_Eeos#330y
etag: "6d3a5e63f579e02ce0215d4542943ab2"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: faw6hCLgLdLeM8dT7Qd5ngWKuBFFfCMJoQL4Tp-X2qSKWkvuIrH2pA==

GET
H2 200 dwyanewademetgala.jpg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/ 15 KB
16 KB 21ms
18ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2023/05/dwyanewademetgala.jpg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=490&h=334

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

35f2f2368016ce645c562760615bf6da82527619fc85092f59df11f867183c77

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:02:52 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 105301
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 15454
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 5120s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_018_20230502170252_c0059_7Yth#330y
etag: "ce18270e02edc73c93bc5bee16a47ca9"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
x-hexa-flowtrace: AnRRR
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: VI3vxXgb2Ckvw3tAOEA2PSuIBo-e_sakpfBvkyK1VLLD0G-7H1tD9g==

GET
H2 200 lgbtq-nation-logo-stacked-white.svg
auto.gemvpn.xyz/images/logos/ 5 KB
2 KB 66ms
63ms Image
image/svg+xml 2606:4700:3033::ac43:a868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto.gemvpn.xyz/images/logos/lgbtq-nation-logo-stacked-white.svg

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98fdb39d4187158aee8f3d65a6eff96564ccdf4126d3e04aa71a4650b14268c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:00 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-nk5mx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000179-CHI, cache-fra-eddf8230124-FRA
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683048376.881922,VS0,VE1
etag: W/"645142d6-1461"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H7b4x0eHLXy2xsufbTIclw97eBvNDyjsVVaNmJA2fFi1sOT77Aim162IKebEWeZHs1zoKC2tlhD0q8TtqvfRf781JzMTLDkHznzS8MCMmqJaS9bl6JFNk45sO33qzZDit2%2FXht0l80EWZ4o%2FTHHyohm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 50005b2d-e90c-11ed-8145-2ecbc81e1adc
cache-control: max-age=31622400
cf-ray: 7c1be06badac9a05-FRA
x-cache-hits: 16, 1

GET
H2 200 q-digital-logo-dark-gradient.png
auto.gemvpn.xyz/images/logos/ 5 KB
6 KB 66ms
64ms Image
image/png 2606:4700:3033::ac43:a868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto.gemvpn.xyz/images/logos/q-digital-logo-dark-gradient.png

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90cc26f6c16ba3e4fd9be51d540a190ac8bfe09372758e7548a371bff73e14b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:10:58 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-crpjc
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5542
x-served-by: cache-chi-kigq8000153-CHI, cache-fra-eddf8230063-FRA
last-modified: Tue, 02 May 2023 17:05:23 GMT
server: cloudflare
x-timer: S1683048506.775411,VS0,VE1
etag: "645142d3-15a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C4EKXza%2Bq47pDSB3cIAY1ndFwoZJsFrfdCriBlsAkrq0zKBT8hAl4MIxogmgoNoaBnPKmSWnTwlisHCW55c%2B14bpzaYNCGhyDJi9UZe5HJTfo%2FW8npA%2BRJNaR3dE%2FezjTCfhgFx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 4e9dda1f-e90c-11ed-a37c-d2ed9f824b70
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 7c1be06badad9a05-FRA
x-cache-hits: 15, 1

GET
H3 200 cookie-law-info-table.css
www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 5 KB
2 KB 14ms
14ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-table.css?ver=2.3.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

484d2a59ebf4bec600c4d20aed383a0a38ee33d6d7043d31c0fcc423143222b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100758
cf-polished: origSize=6366
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 15, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100163-CHI, cache-fra-eddf8230091-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683051516.565167,VS0,VE6
etag: W/"645142d6-18de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvsHwGOofq5bc91BeI%2FbsbTmEig88IJpsyQg%2F7hFzd8uufBgG5gj85%2BxgiGJqXxVJMrchCQ02BJGG4Yo1he3WA338IFyJx3RAtmS1V%2FpnepWRDFzIW9%2BZrxSVSnpeZPOzixlhJf3g8Uj5X%2Bm9By9cO9k"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-styx-req-id: 50191de3-e90c-11ed-9251-d60409dc0553
cache-control: max-age=31622400
cf-ray: 7c1be06afe8792c9-FRA
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-m7g5m

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://q-digital.videoplayerhub.com/galleryplayer.js?ver=20210324
https://btloader.com/tag?h=q-digital&upapi=true

14 KB
7 KB

54ms
20ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=q-digital&upapi=true
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55e88320751e3d91706367442e5df402ef8c51454ebc0161e7627ceba85bc1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 21:57:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1042
etag: W/"a67ebefd373f1cf07e7430b25e9ff09a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oP0siU6FrXVYvN6qsfJaGCM50NDmBDtQlBlbauPJPGIXkkUVq9ytjQGfkTt13neJ4MNVlgn1kgCTMc1E9e6gxaXaQFj7LJrhONfRyF6V4DJYEMFM6G5uwXwIhA1M2iyL4mSQGxPVLqbREw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7c1be06bfd65bb79-FRA

Redirect headers

date: Wed, 03 May 2023 22:17:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGGpDs%2FQd6dVMvorxkrNWdPLja4LWAga0sL3oKwWCBQBGvXKHsBnQbg3ebk2O0fw0Fko%2F3E43k2FqaU87VWgrDoc%2Bo8gzNlfJQKGu7dxFXib2PR3qKqiFVzkh5IMkMYkmGWHNTZM9C2VAgvrId3m%2FgEnu1uLPSGhzmE%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=q-digital&upapi=true
cache-control: max-age=3600
cf-ray: 7c1be06b59d79211-FRA
expires: Wed, 03 May 2023 23:17:53 GMT

GET
H3 200 thickbox.js Show response
www.lgbtqnation.com/wp/wp-includes/js/thickbox/ 10 KB
4 KB 14ms
14ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d1743ca0b4b8db7aa3d4aee6aec8e0054dfd2abfa97ad8dd70693656be88c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:14:58 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85003
cf-polished: origSize=13242
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 19, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000101-CHI, cache-fra-eddf8230091-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683067271.860562,VS0,VE1
etag: W/"645142d6-33ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaUQv8pgZJCW8LyasKynv6%2FZKXJ3sh9VStMkaV0nz5XXZu55U5ELTRj%2Fowx4q%2BmQlag%2FpyO7vXasGaSabkwrmzstr50IIr5pzUssPr013wuhqRFRjLm29B%2FbDaoyVAhCSMxtv8mpD4oNg04%2Fc0bvPmd6"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: dd62a7a9-e90c-11ed-b29b-3674233cca68
cache-control: max-age=31622400
cf-ray: 7c1be06b3eb592c9-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5chg9

GET
H3 200 pnotify.min.js Show response
www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/vendors/pnotify/ 28 KB
8 KB 21ms
16ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/vendors/pnotify/pnotify.min.js?ver=1.2.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1563de63068e769447daece44fa71e8cfe861ac1cafd1be5bce0d71007b5d0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 22:24:58 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85003
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-zhff9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000146-CHI, cache-fra-eddf8230127-FRA
last-modified: Tue, 02 May 2023 22:23:42 GMT
server: cloudflare
x-timer: S1683067271.860773,VS0,VE1
etag: W/"64518d6e-6ffc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8Wdcs%2BO%2Fbxn8b%2FOIkjZRsc8novhfDhq47VWVD70r52X2BuZ0a80%2BGNc9tL8G2BalS4T8%2Fvl8OnP2p3PUZ0YpPMSASE%2BW5JTELxuGXEzDE0sNtnfwmHsHSNdizIuTx43xwnQDIgn7f7jtARpvNAhOlME"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 2bee49bb-e938-11ed-a548-7a8434a2fe44
cache-control: max-age=31622400
cf-ray: 7c1be06baf0b92c9-FRA
x-cache-hits: 17, 1

GET
H3 200 sharer.js Show response
www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/vendors/sharer/ 16 KB
6 KB 20ms
15ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/vendors/sharer/sharer.js?ver=1.2.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

173e480c8155229cba065125c797fc03ed7c755acabcb148f2d0745ade9fed8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 22:24:58 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85003
cf-polished: origSize=23201
content-encoding: br
x-cache: HIT, MISS
x-cache-hits: 40, 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000172-CHI, cache-fra-eddf8230132-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 22:23:41 GMT
server: cloudflare
x-timer: S1683067271.868759,VS0,VE103
etag: W/"64518d6d-5aa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq0vC36ksDg20Hg%2B8WOiphrXRyJn5uXttVVPUvXidgYFjltJX2VVbssRkorQ2UXwkzXc8DsxyFjbxqMbGNsLn8YM9zDv1ceEQR6GuM32K5WIZmrYSfKCZaivLqaHbHRGKgcAwG8jFS8W%2FHmF0KIfp77B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 2bee3c67-e938-11ed-b29b-3674233cca68
cache-control: max-age=31622400
cf-ray: 7c1be06baf0d92c9-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5chg9

GET
H3 200 frontend.js Show response
www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/frontend/js/ 23 KB
6 KB 27ms
22ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/onionbuzz/static/frontend/js/frontend.js?ver=1.2.7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c778bda3094da12779de09d802a68b515e0a90d419fb4847f1289560ec56db39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 22:24:58 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85003
cf-polished: origSize=42015
content-encoding: br
x-cache: HIT, HIT
x-cache-hits: 16, 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-klot8100163-CHI, cache-fra-eddf8230078-FRA
cf-bgj: minify
last-modified: Tue, 02 May 2023 22:23:41 GMT
server: cloudflare
x-timer: S1683067271.864918,VS0,VE1
etag: W/"64518d6d-a41f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaZPl6Zr8HRDdk8GWdRNYEWIOLhUIjUZV5h0hVw1wEzMe%2BVditmpvuGza7WbHWT1XPyW0ZaY7RBN6pbqv%2Bt0W7Y2Hi%2Fv%2FIGtWBDH4CbdyoZPQAAg8uKjZMU0OgSlX%2Fy5GLtFjglI6DbcsqULqDBHlkGu"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 2bed6b56-e938-11ed-a37c-d2ed9f824b70
cache-control: max-age=31622400
cf-ray: 7c1be06baf0e92c9-FRA
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-crpjc

GET
H3 200 vticker.min.js Show response
www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/resources/assets/scripts/ 4 KB
2 KB 22ms
17ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/resources/assets/scripts/vticker.min.js?ver=v1.21

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7e6536b9e185170f0846482b8b50e4eadfdcf096a0cfece62b946d43750282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:06 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96579
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-zhff9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000071-CHI, cache-fra-eddf8230136-FRA
last-modified: Tue, 02 May 2023 17:05:27 GMT
server: cloudflare
x-timer: S1683055694.308102,VS0,VE16
etag: W/"645142d7-11c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aso3ZTv59bw9ZL1N5zgWYlAu9PEWnkeCvKHx1QmE8fqikW%2B72O%2BScqGunPBQe9t1WfKF0CA95kvTcj7ydQ1MyRun7fSibaEGeCVwGmMSzHe%2FzuOXvo3VkMJZgvdtBtzh1ucwLuD3rCu7%2B2HFjZRlcKwT"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 53505f34-e90c-11ed-a548-7a8434a2fe44
cache-control: max-age=31622400
cf-ray: 7c1be06baf0f92c9-FRA
x-cache-hits: 10, 1

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 47ms
19ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2440
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c1be06bce7bbbd7-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 06 May 2023 22:17:53 GMT

GET
H3 200 helper.min.js Show response
www.lgbtqnation.com/wp-content/plugins/optinmonster/assets/dist/js/ 2 KB
2 KB 26ms
21ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/plugins/optinmonster/assets/dist/js/helper.min.js?ver=2.13.1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed4a940faeaa3dc23dad3af003a54680db0da12d22214094dc171e0d10c3ca12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:01 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100758
content-encoding: br
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-zhff9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000173-CHI, cache-fra-eddf8230031-FRA
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683051516.571528,VS0,VE2
etag: W/"645142d6-9d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FonhBiB%2BfhYxkpljWCuWpwgIgvyV%2FgLOP4jKRzJJvTOweLKciey1e16hjjW9OskMyHfHFXctBr5%2BuXIniLJV%2Bdob6yiyMbjL70MRNW4afQ7um0uADz%2FoRfGeCB%2F6B3YVrK7%2FHUsOTjiNxCnZHQl329%2Fk"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-styx-req-id: 50196b44-e90c-11ed-a548-7a8434a2fe44
cache-control: max-age=31622400
cf-ray: 7c1be06baf1092c9-FRA
x-cache-hits: 16, 1

GET
H2 200 p.js Show response
cdn.parsely.com/keys/lgbtqnation.com/ 59 KB
22 KB 43ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/lgbtqnation.com/p.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 04a93b12a645d07f4fb317582ecc4d739c1070aad68a46e69569aa1477076302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: public
date: Wed, 03 May 2023 03:21:43 GMT
content-encoding: gzip
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 17:40:36 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 68370
etag: W/"63e3de94-eaec"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: -H3wZqHCHYtKkps2fEslk2v9C_kpN9zsxRYoQtINPJX_wEuVlwLxqw==
expires: Thu, 04 May 2023 03:18:23 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/ 401 KB
124 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 03 May 2023 10:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41149
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126853
x-xss-protection: 0
server: cafe
etag: 4617370205818610952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 02 May 2024 10:52:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 37 B
65 B 56ms
40ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=auto.gemvpn.xyz

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84862f92bb17582c5bdfe677ce02a0fcb15c431f2479f54361fed78f41f9177c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41
x-xss-protection: 0
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H2 200 / Show response
geo.adspsp.com/ 4 B
364 B 211ms
150ms XHR
text/plain 2600:9000:2490:fa00:1e:7118:9c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.adspsp.com/
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:fa00:1e:7118:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c6c3342285049f5853f348e007471b75ec2a5d3966dbe7fc3e908fc530bcac37

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-adb-procip: 2a02:6ea0:c71b:0:1012:c5c4:a7d0:fee6, 130.176.223.138
x-adb-rmadr: ::ffff:10.0.0.88
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-adb-fwdip: 2a02:6ea0:c71b:0:1012:c5c4:a7d0:fee6, 130.176.223.138
content-length: 4
x-amz-cf-id: b64LqYhjBuD1GBRrhSkPhqUgHJ3XOM1IttJVIzTgzsnt9ZgUtIaHvw==

GET
H2 403 .js
dyv1bugovvq1g.cloudfront.net/47/auto.gemvpn.xyz/ 0
0 469ms
425ms Script
application/xml 2600:9000:223e:b800:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/47/auto.gemvpn.xyz/.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b800:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 415ms
403ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
x-amz-version-id: ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding: gzip
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 27 Apr 2023 23:46:51 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: qxTRT2cO9Nck7OtAO7dStC0q6TC_zP45bc06N_npv3Xrr6ITiklOOA==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 35ms
8ms Script
application/javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 05:40:27 GMT
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 59847
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: zGJysW0Qrj6bPqplzBh_crsFv2-XF6ReQnGnxz5yHuP7Wee_rUSrHA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 26ms
7ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 10 May 2023 22:17:53 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 50 KB
19 KB 38ms
6ms Script
application/javascript 2400:52e0:1e00::1078:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1078 /
Resource Hash: d7c20247857c9627b5552e890b46e76d22ae989102eeffb9ab5f62df6b1c9002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-197
cdn-cachedat: 05/03/2023 11:24:46
cdn-pullzone: 293267
last-modified: Tue, 02 May 2023 20:35:19 GMT
server: BunnyCDN-DE1-1078
cdn-fileserver: 370
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64517407-c83b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2381c2d62c84650ba22168ddb91e2549
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lgbtq-prime-backer-scaled.jpeg
abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2022/09/ 16 KB
16 KB 24ms
21ms Image
image/webp 52.222.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abuwjaawap.cloudimg.io/v7/_lgbtqnation-assets_/assets/2022/09/lgbtq-prime-backer-scaled.jpeg?&auto=format&auto=compress&crop=faces&fit=crop&gravity=face&w=1700&h=400

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-15.fra56.r.cloudfront.net

Software

Scaleflex HTTP Loadbalancer /

Resource Hash

8054bde23ce4fab74f3b298fb0c65091af2f3d400d0151c1c27642cec86ef514

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:23:39 GMT
x-hexa-sleepingtime: 0
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-hexa-masterrefresh
x-hexa-originusedcode: 200
x-amz-cf-pop: FRA56-P4
age: 5943254
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:
x-origin-visibility: OV_NORMAL_FILE
x-cache: Hit from cloudfront
content-length: 16112
x-xss-protection: 1
x-hexa-initwait: probably_cached, first_req 202991s ago, no_wait
server: Scaleflex HTTP Loadbalancer
x-cloudimg-traceid: CiI_013_20230224032339_a815a_dvlx#380z
etag: "a5d0c1f2346da58c8ce998df2238b6a8"
x-resource-status: cached_resized
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=31536000, public
vary: Accept-Encoding,Accept
timing-allow-origin: *
x-amz-cf-id: H-0uahIMNX8PsOVcbpJuofrAI_lWF0fHdPN1b1euXeR3bMGZo-iu9Q==

GET
H3 200 pattern-flag2.png
www.lgbtqnation.com/images/backers/ 47 KB
48 KB 14ms
14ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lgbtqnation.com/images/backers/pattern-flag2.png

Requested by

Host: www.lgbtqnation.com
URL: https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/main.css?ver=1683122433

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bab3a5f1889bcc91ab6563837a4b1b827239d8d5bb61741f6d4d7417c32ab55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/main.css?ver=1683122433
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:02 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100758
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5cfc8c548-pqhqh
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48060
x-served-by: cache-chi-kigq8000025-CHI, cache-fra-eddf8230063-FRA
last-modified: Tue, 02 May 2023 17:05:27 GMT
server: cloudflare
x-timer: S1683051516.598002,VS0,VE5
etag: "645142d7-bbbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUNqHIb%2B%2BYpsqzBl5SigtYI8ZhtX5dSmaODMA%2BizcxBdUfgfiyqlLTZU26CHkO%2BTH5ie1AAUdxfbyjUcIwUTReLkOFXe1DofYsBGkYnVbjoo09%2B6OsZnOCjD%2F3j%2Fuk2RDDvNsscPXKR9RcThC38MInWd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-styx-req-id: 50d9cd11-e90c-11ed-8d30-9a8294422577
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 7c1be06bdf4d92c9-FRA
x-cache-hits: 16, 1

GET
H3 200 mdicon.ttf
www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/fonts/ 15 KB
16 KB 42ms
31ms Font
application/x-font-ttf 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/fonts/mdicon.ttf?1qswia

Requested by

Host: www.lgbtqnation.com
URL: https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/main.css?ver=1683122433

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41961eb9e8787489bf7cdb2cc200741edd327c62d55832a446fb40b673b5d32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

Referer: https://www.lgbtqnation.com/wp-content/themes/lgbtqnation-2019/assets/styles/main.css?ver=1683122433
Origin: https://auto.gemvpn.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:11:00 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-crpjc
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-chi-kigq8000098-CHI, cache-fra-eddf8230060-FRA
last-modified: Tue, 02 May 2023 17:05:23 GMT
server: cloudflare
x-timer: S1683152273.286801,VS0,VE1
etag: W/"645142d3-3dd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQsEXS3CSkhv5%2BGi5p%2BixMZubjS%2FgwuPsYS7yF8Ufqsw3WcLECVxV7QDTOr8at2fdQEGjPHjeD5BhnhXcsU1itLVt8bok79y7Nm0Oq1qYroZNA2OG05daCoUx0NBBlpb5V341I3J0sBU6vHWG5u5sRDQ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
x-styx-req-id: 4f8f243a-e90c-11ed-a37c-d2ed9f824b70
cache-control: max-age=31622400
cf-ray: 7c1be06bee6f2bf6-FRA
x-cache-hits: 16, 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 32ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auto.gemvpn.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 403658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 38ms
12ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auto.gemvpn.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:25:47 GMT
x-content-type-options: nosniff
age: 363126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 17:25:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auto.gemvpn.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 402909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:22:44 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 39ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://auto.gemvpn.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:41:19 GMT
x-content-type-options: nosniff
age: 102994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2024 17:41:19 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 103ms
103ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fauto.gemvpn.xyz&pubid=ca0a1be3-4fa6-40a0-bcab-b3d35d8368f1
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Es4n81WRZelsWfkLOlqVwyhY8yCYq4SYKi-SXg-9TiNKfva4q-QxVA==

GET
H/1.1 204
No Content /
adspsp.com/pt/2634970/19/1/ 0
110 B 705ms
173ms Image
image/png 35.166.210.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2634970/19/1/?a=2,a2lh89eluoX1nQS9qsjL,kvJ0Skkf8u&aa=00Gumh&b=&e=&c=https%3A%2F%2Fauto.gemvpn.xyz%2F&d=&f=1.lh89elmk.1T7x&g=1Tdi&u=116e1332:lh6sexwl:3if&v=18g.xc.0.3js.1.0&m=z&rnd=1683152273377
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.210.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-210-191.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H2 200 px.gif
ad-delivery.net/ 43 B
935 B 39ms
13ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1202051
x-guploader-uploadid: ADPycdttsfnevQBjH5Rq64zK7sYQ3JwCsjln_o8qR38o2jcTkcMENwQ9GueQFkjAUfBxkDn_6XCAc3jF4M4Gcr-n502tFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNKUqGHG%2BywsxjiWO%2FEZysK%2FwWdky9QTUQdf7I8GO1pGPrkwaHnICcpc8%2B2xeRq5PBnLzw%2ByIWxmYQoAvUWEe%2FZPL6dbRrVTYvdUFBxAFsi2bn%2FIpE7ShANw1QBku6XH4OomxqQfYUTGiXpDZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7c1be06cccaf9ba4-FRA
expires: Thu, 20 Apr 2023 01:10:53 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 33ms
6ms Image
image/x-icon 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Tue, 02 May 2023 22:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 22:18:31 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 31ms
14ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4929255581014764
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1202051
x-guploader-uploadid: ADPycdttsfnevQBjH5Rq64zK7sYQ3JwCsjln_o8qR38o2jcTkcMENwQ9GueQFkjAUfBxkDn_6XCAc3jF4M4Gcr-n502tFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra1YNCaotplinLH0J1TPeEbWWj9EXaOSNl4ufV3vNwAf7hHFp8HXcFFftkgzzj4mWiwjWAaXCjZKa%2BpLoZ8QHeUJLXszfBavTjOziPsRllIF3YcZDNwn6TW3UUtdTk6nLHf%2Fh%2BtF7k7LojVvYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7c1be06cccb09ba4-FRA
expires: Thu, 20 Apr 2023 01:10:53 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 8ms
7ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=32666898&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1683152273412&ns_c=UTF-8&c7=https%3A%2F%2Fauto.gemvpn.xyz%2F&c8=LGBTQ%20Nation%20-%20The%20Most%20Followed%20LGBTQ%20News%20Source&c9=
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: _NS1NDGYKjO85o8cgmXI8lq7ITOx2fba_hyji0l7TceVF93mTdnx0Q==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-3a_FtJ1e9ZPvw.js Show response
rules.quantcount.com/ 160 B
643 B 22ms
7ms Script
application/javascript 2600:9000:223c:ea00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-3a_FtJ1e9ZPvw.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce140ac48b3492e399d34cb78d7eb1c5893dfa69e632d93aa1b4fdfa86d9cdc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:06:35 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:34:22 GMT
server: AmazonS3
etag: "4c5223e17fc0fe5eb693d53a2a0b619c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ROO2gWo-KRS4qMRzvJKyoJPaWXOd35zfmYxK4JRD0QJIS9S8mviyew==

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 6ms
6ms Stylesheet
text/css 2400:52e0:1e00::1078:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1078 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
cdn-edgestorageid: 863
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 05/03/2023 11:35:09
cdn-pullzone: 293267
last-modified: Tue, 02 May 2023 20:35:20 GMT
server: BunnyCDN-DE1-1078
cdn-fileserver: 370
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64517408-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0dd680947572946b7ef9c2dbed0c31c6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 753447 Show response
api.omappapi.com/v1/optin/40711/ 2 B
609 B 312ms
278ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v1/optin/40711/753447
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 2
x-optinmonster-campaign: z1swjyvgvwtikcpcutyf
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: rZg_2P0mEdW8p4YQJadEhocgbNTgiH1f3ufR7shAooCmRK2D1GXhxg==
expires: Wed, 03 May 2023 22:09:31 GMT

GET
H2 404 wwuruqctmkqmwftvq8q1 Show response
api.omappapi.com/v2/embed/40711/ 184 B
550 B 390ms
358ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/40711/wwuruqctmkqmwftvq8q1
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 37b77089e6d1285acd9d8b59b5d9340204de9ef85387698a28315e630c18f34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
x-user-agent: standard--
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
content-length: 184
x-amz-cf-id: 6X8sxgS1ODsU51tbxJaw52YHwuYNrBOs6K3Fu7jbmrVMcHMAhZszeA==

GET
H2 404 qun2nne3a2xz7mclcnpb Show response
api.omappapi.com/v2/embed/40711/ 184 B
550 B 354ms
326ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/40711/qun2nne3a2xz7mclcnpb
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 37b77089e6d1285acd9d8b59b5d9340204de9ef85387698a28315e630c18f34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
x-user-agent: standard--
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
content-length: 184
x-amz-cf-id: 60V25MXbQ6l99eO2ejA9rti5eHgJY95AjJZx3-svqH1YvG-aueubYg==

GET
H2 200 738340 Show response
api.omappapi.com/v1/optin/40711/ 2 B
610 B 305ms
279ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v1/optin/40711/738340
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 2
x-optinmonster-campaign: dkvmv3ha6mkszuqmt2ge
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: _nDiKnu_M9SXETP3mynDBB1Bv3nCtlaMnTGwDih3rPtZK7CPyS11fw==
expires: Wed, 03 May 2023 22:14:28 GMT

GET
H2 200 804750 Show response
api.omappapi.com/v1/optin/40711/ 2 B
610 B 302ms
277ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v1/optin/40711/804750
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 2
x-optinmonster-campaign: cz5ftynarx6ryt5eqdpt
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: SOkQ2Yw0HLf3b_2UbhPl1SIP9wPrREbPuC9mLx5X4GYC1eB_g_vhrA==
expires: Wed, 03 May 2023 22:09:31 GMT

GET
H2 200 735503 Show response
api.omappapi.com/v1/optin/40711/ 2 B
609 B 302ms
278ms XHR
application/json 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v1/optin/40711/735503
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 2
x-optinmonster-campaign: tpdn2jrl6qeglircpvdg
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: ZdE9OGbXcGPlQrM0bE_Vt_xjcHpXgqvNraUNxjO63gTxUsAg4uFwag==
expires: Wed, 03 May 2023 22:14:28 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 109 KB
24 KB 40ms
6ms Script
text/javascript 2600:9000:2490:9a00:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9a00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ad80e243b7deca52718ccec392c5984b03fe92e8be029d5b8eda64fb05f5ad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 14:18:42 GMT
x-amz-version-id: Pyv71cMvmkRYITskMYBZSfUHb8ks7lOe
content-encoding: gzip
last-modified: Wed, 03 May 2023 14:18:38 GMT
server: AmazonS3
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"a8eb2a9d09b2ff4e9f7fc437f3250c12"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
age: 28752
x-amz-cf-id: q2mmdt0lIVAKaY1yw1BTuFkNwudLjV2wCnxZtvMKiJEZERY44O0IDw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 83ms
40ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fauto.gemvpn.xyz%2F&pid=VJyHMtuLzynTk&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22adbridg_ad_adblntoplb_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22home%22%7D%2C%7B%22sd%22%3A%22adbridg_ad_adblnboxlarge_1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22home%22%7D%5D&pubid=ca0a1be3-4fa6-40a0-bcab-b3d35d8368f1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: R5C6TNK0YPDFH2DMT0DJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://auto.gemvpn.xyz
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eCQznfxOYly6VWggfof9BNJ-pv9DutrHLxiaBd7UrPqG8x-t2x6ltA==

GET
H/1.1 204
No Content /
adspsp.com/pt/2634970/1/2/ 0
110 B 687ms
172ms Image
image/png 35.166.210.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2634970/1/2/?a=2,a2lh89eluoX1nQS9qsjL,kvJ0Skkf8u&aa=00Gumh&b=1//2-28^k8`2i.qy`2i.qy`6y:2@1040162^k8`2i.qy`2i.qy`6y,5@20883108^k8`2i.qy`2i.qy`6y,9@581900^k8`2i,18@LGBTQ_Desktop_Leader1^k8`2i.qy`2i.qy`6y,33@Pdttf083ZaS8TaUTNJ50ah7r^k8`2i.qy`2i.qy`6y,116@213789743^k8`2i.qy`2i.qy`6y,154@dWBJy2QKOr6jjQaKlId8sQ^k8`2i.qy`2i.qy`6y,166@20463^k8`2i.qy`2i.qy`6y_26^8c`6y.8c`go:2@1040158^8c`go,5@20883105^8c`go,9@581897^8c`go,18@LGBTQ_Desktop_Box2^8c`go,33@ftxO295svn2Cfny2yioNrqmc^8c`go,116@681402167^8c`go,154@dWBJy2QKOr6jjQaKlId8sQ^8c`go,166@20463^8c`go,185@19223aa4164a1c25e26050b8dc979c59^8c`go&bu=U2374761c09ecab,adbridg_ad_adblntoplb_1,%2F4564944%2Flgbtqnation%2Fhome&bu=U3f6b6c43f8cba9,adbridg_ad_adblnboxlarge_1,%2F4564944%2Flgbtqnation%2Fhome&e=&c=https%3A%2F%2Fauto.gemvpn.xyz%2F&d=&f=1.lh89elmk.1T7x&g=1Tge&u=116e1332:lh6sexwl:3if&v=18g.xc.0.3js.1.0&m=z&rnd=1683152273482
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.210.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-210-191.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 23ms
23ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3100
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7c1be06d4facbbd7-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 06 May 2023 22:17:53 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 131ms
29ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1683152273495&plid=9299dfeb-6fb6-422c-9478-31d270eadc91&idsite=lgbtqnation.com&url=https%3A%2F%2Fauto.gemvpn.xyz%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.lgbtqnation.com%2F%22%2C%22hash%22%3A1643541504%7D%7D&sid=1&surl=https%3A%2F%2Fauto.gemvpn.xyz%2F&sref=&sts=1683152273490&slts=0&title=LGBTQ+Nation+-+The+Most+Followed+LGBTQ+News+Source&date=Wed+May+03+2023+22%3A17%3A53+GMT%2B0000+(GMT)&action=pageview&pvid=2e0aacda-e457-4d91-9b3f-cc6650fbbd9a&u=pid%3D46057374-2dcf-48fc-bd85-6a1a527f22b5
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 22:17:53 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 03-May-2023 22:17:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 182 B
530 B 63ms
23ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fauto.gemvpn.xyz%2F&PageUrl=https%3A%2F%2Fauto.gemvpn.xyz%2F&PageReferrer=https%3A%2F%2Fauto.gemvpn.xyz%2F&CanonicalUrl=https%3A%2F%2Fwww.lgbtqnation.com%2F

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

5be1466bde89a788e7fb321790b7ecd0d24214a5a8571f8f0f9ae322addac0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 182
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
602 B 158ms
136ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU6A725L
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 015066930e02a174b181bcc1c6ce5c151881c57be541ed32f641d97e672b7bf2

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 522 B
1 KB 93ms
17ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11744&site_id=64666&zone_id=1040162%3B1040158&size_id=2%3B15&alt_size_ids=55%2C57%3B10&p_pos=atf&rf=https%3A%2F%2Fauto.gemvpn.xyz%2F&tg_i.page=https%3A%2F%2Fauto.gemvpn.xyz%2F&tg_i.domain=auto.gemvpn.xyz&tg_i.pbadslot=%2F4564944%2Flgbtqnation%2Fhome%23adbridg_ad_adblntoplb_1%3B%2F4564944%2Flgbtqnation%2Fhome%23adbridg_ad_adblnboxlarge_1&tk_flint=pbjs_lite_v7.44.0&x_source.tid=01440213-9136-4bca-b5f4-7eb4945b071f%3B0845693e-be48-412b-be66-7e3ac8041892&l_pb_bid_id=BR6d393e825c1462%3BBR159c808538376e5&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&x_imp.ext.tid=01440213-9136-4bca-b5f4-7eb4945b071f%3B0845693e-be48-412b-be66-7e3ac8041892&rp_maxbids=1&p_gpid=%2F4564944%2Flgbtqnation%2Fhome%23adbridg_ad_adblntoplb_1%3B%2F4564944%2Flgbtqnation%2Fhome%23adbridg_ad_adblnboxlarge_1&slots=2&rand=0.9090607065317733
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d0c1371b4395531a7e06bc774c623780aa4236499573c100def4155051d22ebb

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://auto.gemvpn.xyz
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 264 B
1 KB 122ms
89ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

93fa7f62f463a5096444715d966ef354ce69d6626dbb8b2c54c0ff4b8efd25b2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 22:17:53 GMT
AN-X-Request-Uuid: 3f614732-bb2c-41ec-94e3-9b736111aef0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://auto.gemvpn.xyz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 264
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 10 B
388 B 85ms
21ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.44.0
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 5811967f540d300d249ab30ae681359a7815fdb5d3dc71a94be1d491006a6b27

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 03 May 2023 22:17:53 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://auto.gemvpn.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 10

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
537 B 35ms
7ms XHR
application/json 18.198.174.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fauto.gemvpn.xyz%2F&tmax=2000

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.174.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-174-134.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 49ms
17ms XHR
text/plain 18.193.173.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.173.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-173-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://auto.gemvpn.xyz
date: Wed, 03 May 2023 22:17:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 55ms
24ms XHR
text/plain 18.193.173.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.173.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-173-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://auto.gemvpn.xyz
date: Wed, 03 May 2023 22:17:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
342 B 129ms
102ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dWBJy2QKOr6jjQaKlId8sQ
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c10d1a2842704c450e3cc9cde4d7cba033268da3d5e1cf46d6819cd8b5ca28a4

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://auto.gemvpn.xyz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 132ms
105ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dWBJy2QKOr6jjQaKlId8sQ
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c10d1a2842704c450e3cc9cde4d7cba033268da3d5e1cf46d6819cd8b5ca28a4

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://auto.gemvpn.xyz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 204
No Content hb Show response
brightcombid.marphezis.com/ 0
172 B 483ms
294ms XHR
text/plain 178.128.135.204
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://brightcombid.marphezis.com/hb
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://auto.gemvpn.xyz
date: Wed, 03 May 2023 22:17:53 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 pixel;r=225292863;rf=0;a=p-3a_FtJ1e9ZPvw;url=https%3A%2F%2Fauto.gemvpn.xyz%2F;uht=2;fpan=1;fpa=P0-1229294002-1683152273414;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=gemvpn.x...
pixel.quantserve.com/ 35 B
372 B 18ms
8ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=225292863;rf=0;a=p-3a_FtJ1e9ZPvw;url=https%3A%2F%2Fauto.gemvpn.xyz%2F;uht=2;fpan=1;fpa=P0-1229294002-1683152273414;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=gemvpn.xyz;dst=0;et=1683152273510;tzo=0;ogl=site_name.LGBTQ%20Nation%2Ctype.website%2Ctitle.LGBTQ%20Nation;ses=52935c71-ed21-49af-a478-a171387696a8

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 123ms
96ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://auto.gemvpn.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 03 May 2023 22:17:53 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 96ms
95ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V18NBPRHD7

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af52927fdd499ef10839eb3fb1fb14861115d6ef8017a37b8939c2a3d4700e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H3 200 loadingAnimation.gif
www.lgbtqnation.com/wp/wp-includes/js/thickbox/ 15 KB
16 KB 15ms
14ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lgbtqnation.com/wp/wp-includes/js/thickbox/loadingAnimation.gif

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 02 May 2024 17:14:58 GMT
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=31622400
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84991
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-84cb564dbb-5chg9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
x-served-by: cache-chi-kigq8000150-CHI, cache-fra-eddf8230102-FRA
last-modified: Tue, 02 May 2023 17:05:26 GMT
server: cloudflare
x-timer: S1683067282.123029,VS0,VE1
etag: "645142d6-3b86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr2rNRWeLDSYw9OvsS2C9IQ%2B%2BaLirnq1sXw0xGzM7ZT18DTpGZPLDzNDuUnc4AnKPIxcrBZD6iu9iArLIeVisM3rzeCsZqlbTFS%2F1d6Uebnx7vY%2BNKYP8FohaaN9L%2BhyLmk0zIJcp5zSSNhcBe37yV21"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-styx-req-id: dddf0628-e90c-11ed-b29b-3674233cca68
cache-control: max-age=31622400
accept-ranges: bytes
cf-ray: 7c1be06dd99d92c9-FRA
x-cache-hits: 16, 1

GET
H2 200 web Show response
onesignal.com/api/v1/sync/780445e1-e0f5-4511-946c-e03913687877/ 3 KB
2 KB 34ms
18ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/780445e1-e0f5-4511-946c-e03913687877/web?callback=__jp0

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078a2181e7a1f529142354675a992371903a768d16930b9392c7fc72da680fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1437
cf-polished: origSize=3414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5421c3e4-8c30-477d-bb73-e4c1ee98f3cb
x-runtime: 0.025305
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"68aa94c1076e787ae711bc1d36ab20c1"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7c1be06e187bbbd7-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 03 May 2023 23:17:53 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V18NBPRHD7&gtm=45je3510&_p=692245422&gdid=dZGIzZG&cid=1174966409.1683152274&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683152273&sct=1&seg=0&dl=https%3A%2F%2Fauto.gemvpn.xyz%2F&dt=LGBTQ%20Nation%20-%20The%20Most%20Followed%20LGBTQ%20News%20Source&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V18NBPRHD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1203094-4&l=dataLayer&cx=c

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ce8909a049ace173a84028f641512180c566c4a947d6c4360889d0faba214cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45743
x-xss-protection: 0
last-modified: Wed, 03 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H2 200 hotjar-1893332.js Show response
static.hotjar.com/c/ 9 KB
4 KB 39ms
9ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1893332.js?sv=6

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

586eb2459d2ce523d33189b54dc22d3a287a814e82db1eb6663469828ff5653a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 22
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/452dc9d9639178bd795088011942b972
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 92Y2QmSnxKF1tU3f3fCK-p5zV5edSfST5cIAkdNYa4PVyCGQHX2J-Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCVV72

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf00119465854900a4c7dfdbb306d83fc5844d8c7d7aaf164b429c26ee9a0d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39734
x-xss-protection: 0
last-modified: Wed, 03 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 22:17:53 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 20ms
20ms Stylesheet
text/css 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 544
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7c1be06e6fd43662-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 02 Jun 2023 22:17:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 21:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4369
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 23:05:04 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 499ms
108ms XHR
text/xml 3.236.169.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D47%26bt%3Dnull
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-56.compute-1.amazonaws.com
Software: /
Resource Hash: d7edc652255681b3c2edb94fbf1e8e1e6594a4ab50bac7e9c6ae96cd6899d5e3

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Wed, 03 May 2023 22:17:54 GMT
x-amzn-RequestId: ac5c8697-014c-5ace-84e4-da5bde9e8388
Content-Length: 378
Content-Type: text/xml

GET
H2 200 modules.b440b8b3971e5ec6056f.js Show response
script.hotjar.com/ 264 KB
68 KB 27ms
6ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b440b8b3971e5ec6056f.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

674492bb351bc3c8328b014f9ad016d26361a9da7599de0f0af8dfdbb7b99d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 46126
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69234
last-modified: Wed, 03 May 2023 09:28:55 GMT
etag: "4d60597d3bb7082d16c50293546f6f66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: kDxfb_eOKBewvP5ZIDpL5oUx3n3bl8PTlu_QLTZw-R5C_PJnHl3NqQ==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 21:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 May 2023 22:33:07 GMT

GET
H2 200 5.112e6dc7.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 7ms
6ms Script
application/javascript 2400:52e0:1e00::1078:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.112e6dc7.min.js
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1078 /
Resource Hash: f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
content-encoding: br
cdn-edgestorageid: 1075
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 04/25/2023 22:14:02
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:02 GMT
server: BunnyCDN-DE1-1078
cdn-fileserver: 567
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850aa-3f86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a6fdc02a4a537fbde59a49ee3dc302cf
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 24ms
24ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=692245422&t=pageview&_s=1&dl=https%3A%2F%2Fauto.gemvpn.xyz%2F&ul=en-us&de=UTF-8&dt=LGBTQ%20Nation%20-%20The%20Most%20Followed%20LGBTQ%20News%20Source&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=807851238&gjid=513001177&cid=1174966409.1683152274&tid=UA-1203094-4&_gid=1185182304.1683152274&_r=1&gtm=457e3510&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=1442446484

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/780445e1-e0f5-4511-946c-e03913687877/ 176 B
766 B 49ms
39ms Fetch
application/json 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/780445e1-e0f5-4511-946c-e03913687877/icon

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

010232417c65b9fe5575b05cc45503818b57f0b9b08ba0af9d28006dd2ba1ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 4e9674a6-e88a-46da-88e8-7614ede711bf
x-runtime: 0.008924
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"010232417c65b9fe5575b05cc4550381"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7c1be06f5cdc3618-FRA
access-control-allow-headers: SDK-Version

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
352 B 51ms
17ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1203094-4&cid=1174966409.1683152274&jid=807851238&gjid=513001177&_gid=1185182304.1683152274&_u=aCDAAUIgAAAAACAAI~&z=1726950544

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 22:17:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d9f9a80f-ebb8-45db-8372-62851c496a86.png
img.onesignal.com/t/ 15 KB
16 KB 76ms
59ms Image
application/octet-stream 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/t/d9f9a80f-ebb8-45db-8372-62851c496a86.png

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d4d794b436e41d1945f5c560956cf6667f2e91790ca12cca9f42160425bbc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Wed, 03 May 2023 22:17:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduAyxTp4p22sTeiZw9EJqQmHOusO8JUEGykMZSHxPYd4iZcuwJl1qKYMDeLbPXFvToRsXiS7SRNJJamTOB4LtdUJQ
x-goog-meta-x-goog-source-etag: "7448e8fa99045c4eb6a30d402b24edb0"
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15309
pragma: no-cache
last-modified: Tue, 14 Feb 2023 02:14:43 GMT
server: cloudflare
etag: "-CLnji7f4k/0CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1676340883550649
content-type: application/octet-stream
x-goog-hash: crc32c=QXGB4Q==, md5=dEjo+pkEXE62ow1AKyTtsA==
cache-control: public, max-age=2678400
x-goog-meta-cache-control: public, maxage=604800
x-goog-stored-content-length: 15309
accept-ranges: bytes
cf-ray: 7c1be06fba4cbbd7-FRA
expires: Sat, 03 Jun 2023 22:17:53 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 233ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1203094-4&cid=1174966409.1683152274&jid=807851238&_u=aCDAAUIgAAAAACAAI~&z=1250321765

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 236ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-1203094-4&cid=1174966409.1683152274&jid=807851238&_u=aCDAAUIgAAAAACAAI~&z=1250321765

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 99ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=auto.gemvpn.xyz

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 102ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=auto.gemvpn.xyz

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 202ms
202ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4095677211877134&correlator=4171420152011658&eid=31073865%2C31074114%2C44789878&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=4564944%2Clgbtqnation%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%2C300x600&ifi=1&adks=4155109806%2C3574728437%2C3152155227&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=ad-location%3DSkin%26adb_imp%3D1%7Cad-location%3Dlb_top%26amznbid%3D2%26amznp%3D2%26adb_cfg%3DLGBTQ%2520DT%2520LB%2520BTF%26adb_bdr%3Dnone%26adb_imp%3D1%7Cad-location%3Dbox_large%26amznbid%3D2%26amznp%3D2%26adb_cfg%3DLGBTQ%2520Box%2520Large%26adb_bdr%3Dnone%26adb_imp%3D1&eri=1&cust_params=UGC%3Dno&sc=1&cookie_enabled=1&abxe=1&dt=1683152274019&lmt=1683152274&dlt=1683152273021&idt=141&adxs=0%2C436%2C1075&adys=0%2C13%2C653&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fauto.gemvpn.xyz%2F&frm=20&vis=1&psz=1600x4600%7C1600x4600%7C320x631&msz=1x-1%7C1600x24%7C320x600&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1174966409.1683152274&ga_sid=1683152274&ga_hid=692245422&ga_fc=true

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d5bf5ce030a13df68a1bbf0ce7d5de401286cd1bcadec535ef7306da88888d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13430
x-xss-protection: 0
google-lineitem-id: -2,6274722128,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138429352364,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://auto.gemvpn.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C893 6 KB
3 KB 50ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 22:17:54 GMT
expires: Thu, 02 May 2024 22:17:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content /
adspsp.com/pt/2634970/11/3/ 0
110 B 211ms
172ms Image
image/png 35.166.210.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2634970/11/3/?a=2,a2lh89eluoX1nQS9qsjL,kvJ0Skkf8u&aa=00Gumh&b=0,1,2,3,4,5:6,7,,2v:8,9,,35:a,b,,2n:c,d,,27:e,f,,2c:g,h,,3i:i,j,,38:k,l,,8G&b=0,1,m,n,o,5:6,p,,2v:8,q,,35:a,r,,2n:c,s,,27:e,t,,2d:g,u,,3i:i,j,,38:k,l,,8G:v,w,,2e&bi=1,A140df16528154a5,28,U2374761c09ecab,adbridg_ad_adblntoplb_1,%2F4564944%2Flgbtqnation%2Fhome,2,1040162,5,20883108,9,581900,18,LGBTQ_Desktop_Leader1,33,Pdttf083ZaS8TaUTNJ50ah7r,116,213789743,154,dWBJy2QKOr6jjQaKlId8sQ,166,20463,26,U3f6b6c43f8cba9,adbridg_ad_adblnboxlarge_1,1040158,20883105,581897,LGBTQ_Desktop_Box2,ftxO295svn2Cfny2yioNrqmc,681402167,185,19223aa4164a1c25e26050b8dc979c59&e=&c=https%3A%2F%2Fauto.gemvpn.xyz%2F&d=&f=1.lh89elmk.1T7x.2Thg&g=2Tw1&u=116e1332:lh6sexwl:3if&v=18g.xc.0.3js.1.0&m=z&rnd=1683152274044
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.210.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-210-191.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBCE 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLXsEHCLghHPN3XFUC463HJzzXS6TF2Onz0nJkeMG4ODaAMr3L7rI-JfCo7WEgMUzBucwrXTTB-Bpz7AiNtPzrjdPyzlMlnypkEMt_hB4pZrx3pSv87NMTQIju0oGWl4hQ0TRjpBvaXbQPGA1Kt5dFMWyuGd97VJufhYWPDgEQWZmDnHWWBQHRXYSu-u40g8yM3tzQw_IcX8rgNARHIsFA1ciG8ydlZHOJsWtjDI-UFYa5Rpm74AzftkWYCvveGKh0l5FiXTFkPhXbHyKlxZzSvN8htIM9OeiQIvBFRd9Cra1_5Nr2FcqxNQ1hwPyFyKvR30o&sai=AMfl-YSe_H7mBiV1R8eEs2Kq6mRH56mLFJ8gQQ311BMUuC1pBeXqXhHpV77rD0BnhBT5kWs5nya1a-iHS0swpOtH_ARbotvnl3OQd9xIgt5ZJ04&sig=Cg0ArKJSzHHDUoGDOfIzEAE&uach_m=[UACH]&adurl=

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 22:17:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame DBCE 3 KB
2 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: dfboipmnnah5o.cloudfront.net
URL: https://dfboipmnnah5o.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBCE 160 KB
49 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dfboipmnnah5o.cloudfront.net
URL: https://dfboipmnnah5o.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50014
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683113006724128"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:17:54 GMT

GET
DATA 200
OK truncated
/ Frame DBCE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c83cd5b6248eb2fc10c433d97714f8242976167142185be6285eaf956caf745

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 461803811485666476
tpc.googlesyndication.com/simgad/ Frame DBCE 33 KB
34 KB 28ms
8ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/461803811485666476

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6ad82300e1749f04ee29217e24165735cb57fbfbd7e951c4243e4006a06e1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:55:19 GMT
x-content-type-options: nosniff
age: 336155
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34168
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 17:56:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 00:55:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBCE 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM5Jw4JV1T5Wd_lMs3MXCLEGqAhyKVdmNgeLls966e00llQJIAjyjpmPasO27QhGJ4ENGaZ7Z8mL8mS1EdnIUv8wZcrrfdO84W8AQ8-y8SHdQiREkz3TGa09O8t85YNcuIRyRWE8krxuX_whG7sY3w-046Vkzw8BiwHGBhmosRCCwcK-9QwGP44x0qh0iPkoSNIVqM0ycvips6DIRfrPz5dDr0fJ4I8dN4mVjuv7I-BeZK4pSsAkEli3VVpVMKoJOD2HZPVLnh3heAQNxLJDGqLz2OyXqSdUqxznvTraIWRQKtglhq_dCGZ9wIykkg384prKEhgA&sai=AMfl-YSClTX9OvLDq_yyzV32vUODh12dfIloMQHaSsJieX0_o3hpfY8j16KBEkNqdB4zZhLYd5Qd_LNrf0eRDKvrLEFixSMnS6AJl8osqBMreQg&sig=Cg0ArKJSzMM_dBuHBrmqEAE&uach_m=[UACH]&adurl=

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 22:17:54 GMT

GET
H2 200 async-api.8f89c105-1.231.0.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 32ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.8f89c105-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: mU67jycgcinZxIFlMFQSe3f.nxc8alvQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: 37BCS8DNZHFEX51F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1293
x-amz-id-2: l7Sao9WnOGc5CscYZH3uUViOtgVHcPpjk5kE/fPGBUygGNaNTDprb0BNj/7u1DP8P15bLFbq5Kw=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.410678,VS0,VE0
etag: "c795d925c282d627e664bd4811db2c5f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 818

GET
H2 200 lazy-loader.67423d16-1.231.0.min.js Show response
js-agent.newrelic.com/ 928 B
617 B 32ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.67423d16-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: T3hyF0giIyFMr4zq18cu84rHhrcGImyr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: 37B1K184NX2X7FRQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: k5L/2mfzMyXve8s1l6Dl4lgGgtutkuhhdaCioUYljnUFn7YTJgVLiw2s3aE5MrfjGblCqgbP0OY=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.410757,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 817

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 97ms
75ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305010101&st=env

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51fd7b25448f19b4acdd747a7491910a41e9fb06a1601b6e430b04a957b561d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11157
x-xss-protection: 0

GET
H/1.1 204
No Content /
adspsp.com/pt/2634970/12/2/ 0
110 B 173ms
173ms Image
image/png 35.166.210.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2634970/12/2/?a=2,a2lh89eluoX1nQS9qsjL,kvJ0Skkf8u&aa=00Gumh&b=2:1,26,0,0,0,true,0,,0,0,U3f6b6c43f8cba9,adbridg_ad_adblnboxlarge_1,%2F4564944%2Flgbtqnation%2Fhome&b=2:1,28,2fln9il,1gpmbju,1rld9fvw,,2vrt2kw,qy`6y,1rld9fvw,2vrt2kw,U2374761c09ecab,adbridg_ad_adblntoplb_1,%2F4564944%2Flgbtqnation%2Fhome&e=&c=https%3A%2F%2Fauto.gemvpn.xyz%2F&d=&f=1.lh89elmk.1T7x.2Thg.3T15h&g=3T15t&u=116e1332:lh6sexwl:3if&v=18g.xc.0.3qp.1.0&m=z&rnd=1683152274396
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.210.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-210-191.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H2 200 862.04af29e3-1.231.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 6ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/862.04af29e3-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: F3uiK5YwfyYXl9HDrytyVd85M_NbPJob
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTGYTYZGYTEE5VR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3627
x-amz-id-2: CnoHNTRWJk/FswBIswZL53MF3lVkOZRgjF8pScf2uhb05x7xqmtixOsgewdo6Clj5FnD4CPUQgc=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.421077,VS0,VE0
etag: "8ff6f8d3b9281c2834e211ce2228757e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2995

GET
H2 200 page_view_event-aggregate.8cf0450e-1.231.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 6ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.8cf0450e-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: YL5vYhsqsLDVb5Z0VzI.0IKZ9oVf.jnj
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTTS9CQWGF416KD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4107
x-amz-id-2: Lk3Gf6ZFg2qFe0YszWBoBDq4Jr85JvIsv4FhXT4LVfwr7XtpheTYp7TKEGRXx9TIGVaYfcXs6I0=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.421534,VS0,VE0
etag: "927ef57448f4e9500b6ddd704625d0b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3007

GET
H2 200 page_view_timing-aggregate.a30a53ff-1.231.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.a30a53ff-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: tXajjyfh__GTM5HYavqt0WCAqFhJIRAd
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTKRCBWK9DY9VF2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4637
x-amz-id-2: CKWepQMptbiGZFbvmlyoSJpxWV7TanAvkhpurJpPVUD+E87oxr/ze2rgQ9QP/sPuOgvywtwCjnc=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.422051,VS0,VE0
etag: "81350454b5ae22caf77cada88c68cd10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3004

GET
H2 200 metrics-aggregate.78efb4d5-1.231.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.78efb4d5-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: GnoOJSNFMPBLvvU2loT.6gfpbCRyQb8e
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTZPDPNJWS35TK2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1587
x-amz-id-2: fUoQ+XMTbTgwmL/Eea4Z/+Eqgm9QhGJWm7/n7/PpAZUPdgH3OTX2ZX9ZNwi81DBuJoAMOluu2sQ=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.422638,VS0,VE0
etag: "25879f97e7abf9cd89e027ff5a41ed81"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2993

GET
H2 200 jserrors-aggregate.0b4d6623-1.231.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 7ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.0b4d6623-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: sBZl8cmCtUvWsekLB_5JE6E4NTVXZbrJ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTG5BSGJZ3576BQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2699
x-amz-id-2: mzcws6fZHkHHrTADpFtfGdNmxISvxtuagteg9fmLGk/mdvXhaqP1WG59IV24D8qGPn0nTH1AKMY=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.423139,VS0,VE0
etag: "105c0b07033e97d2ad5192f22cd2b7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2109

GET
H2 200 ajax-aggregate.b0da4738-1.231.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.b0da4738-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: fX33moFHF9HahFsZ9OF7r7ctzevPre0s
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTPJEJPB2M16VS2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2158
x-amz-id-2: o+z7o+gVJvxMzYo6RoTcp2dMOyyOsURblNe0x2s7wXZVVnC1VKMxRJ65qOIQQ6u3vuWgPfv3JJw=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.425159,VS0,VE0
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2097

GET
H2 200 session_trace-aggregate.0938abd3-1.231.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 8ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.0938abd3-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: wGz7Zc4CdeNSHrMhENAh1KuuSWZPluFa
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTKVMK4G03C9ZJV
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3219
x-amz-id-2: eI6Spho81iFK1wd6ak7IEwK4jY14z4wsClJIOi/E7+BvCsOVulW0w6tNsvxh+lK7txj/UfZ+44c=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.425280,VS0,VE0
etag: "e48f352e197fb565313a4b08e8d2220a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1741

GET
H2 200 page_action-aggregate.42c392aa-1.231.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.42c392aa-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: y9zWfqNMoXLtAEnsmpgdpZ1x7ixYhd2R
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: TD9VJ30EHGF3GVXH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 983
x-amz-id-2: m/JfP/uIDF1zMjEEsLJNvcUwEphuCWd8SnvQ8bzdTukQ+f/0jFKVz4C0Wh17Xa8hA+99HRL0Ifw=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.425290,VS0,VE0
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1359

GET
H2 200 spa-aggregate.19ebdf8d-1.231.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 7ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.19ebdf8d-1.231.0.min.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Nv8wrgEhI.ic6ql5Cch9vZS5.tVJ_ipI
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 22:17:54 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTQ2S1B4EK13KEQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6566
x-amz-id-2: 3XspXqooYA/1dqYAfEd34SASadpCTQLAKTeshZF0HeNMmY25/RC/UbzrxlAzx5R3C9BXGNBbxjU=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683152274.425555,VS0,VE0
etag: "b29b6d7f913058268f8d081edc70f25c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1778

GET
H/1.1 200
OK NRJS-e7ac69b9ed0b3ee6edc Show response
bam.nr-data.net/1/ 49 B
397 B 252ms
221ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-e7ac69b9ed0b3ee6edc?a=502295015&v=1.231.0&to=Y1RTMEpSX0EEUE1aCloecAdMWl5cSlpXVwBM&rst=1546&ck=0&s=0718c12a7b3f06a9&ref=https://auto.gemvpn.xyz/&ap=1298&be=121&fe=1376&dc=520&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1683152272891,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:21,%22c%22:21,%22s%22:27,%22ce%22:54,%22rq%22:54,%22rp%22:121,%22rpe%22:133,%22di%22:628,%22ds%22:638,%22de%22:641,%22dc%22:1493,%22l%22:1493,%22le%22:1497%7D,%22navigation%22:%7B%7D%7D&fp=448&fcp=448&at=TxNQRgJITE8%3D&jsonp=NREUM.setToken
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230047-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 May 2023 22:17:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AEF 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 21:28:19 GMT
expires: Thu, 02 May 2024 21:28:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B29 783 B
969 B 17ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8dc2686a6924f4ce352926fea49d2f463d302fce7a04f72bf9a61e19030b5ffd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ldl5-yOZ07y35eHIfA2RoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ldl5-yOZ07y35eHIfA2RoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 22:17:54 GMT
expires: Wed, 03 May 2023 22:17:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AEF 37 KB
14 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FHHDynUGsrfH4TjWcGmt-S1vebovfm5iFoLlE4fXdvI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 12:54:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 552178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14620
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 12:54:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B29 0
0 48ms
43ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305010101&jk=4095677211877134&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AEF 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ovmakg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK NRJS-e7ac69b9ed0b3ee6edc Show response
bam.nr-data.net/events/1/ 24 B
344 B 239ms
239ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-e7ac69b9ed0b3ee6edc?a=502295015&v=1.231.0&to=Y1RTMEpSX0EEUE1aCloecAdMWl5cSlpXVwBM&rst=1831&ck=0&s=0718c12a7b3f06a9&ref=https://auto.gemvpn.xyz/
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://auto.gemvpn.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://auto.gemvpn.xyz
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230047-FRA

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame D7A2 0
0 332ms
103ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dWBJy2QKOr6jjQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP015 /
Resource Hash

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 03 May 2023 22:17:54 GMT
server: 33XP015
x-33x-status: 2000208

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1EF6 21 KB
8 KB 56ms
27ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU6A725L&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8e2b5e4e1553a10c0ffdc5a48105399af3ad9fa651c0adbe29745cca57c87c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7971
content-type: text/html; charset=UTF-8
date: Wed, 03 May 2023 22:17:54 GMT
expires: Fri, 05 May 2023 22:17:54 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E3F0 281 B
554 B 43ms
7ms Document
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 May 2023 22:17:54 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E3F0 34 KB
10 KB 14ms
14ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 62af8ad971cb7d59cde886031e7c5526f814537f33a3c1b3e5bb72ae5940e66e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 22:17:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 May 2023 03:01:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16941
Connection: keep-alive
Content-Length: 10017
Expires: Thu, 04 May 2023 03:00:15 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0345 52 KB
17 KB 67ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 57402
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 03 May 2023 22:17:55 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1531, 296684
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230026-FRA
X-Timer: S1683152275.009669,VS0,VE0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 0665 37 B
140 B 34ms
8ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://auto.gemvpn.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 03 May 2023 22:17:55 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0345 0
861 B 13ms
13ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 22:17:55 GMT
AN-X-Request-Uuid: 2d7e1237-fb83-4f19-8234-bdb8ed864be0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E3F0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjE2ODRhNzNkMDI2NTVlMzkyNTI1MTFhNDcyODY5ZDgwYjM1YzVmZg

170 B
243 B

17ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjE2ODRhNzNkMDI2NTVlMzkyNTI1MTFhNDcyODY5ZDgwYjM1YzVmZg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjE2ODRhNzNkMDI2NTVlMzkyNTI1MTFhNDcyODY5ZDgwYjM1YzVmZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E3F0 70 B
265 B 97ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 May 2023 22:17:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E3F0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg4OUVNNVMtMUItMU1EUw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMEuadWqdq2CYyT54c3UBJk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg4OUVNNVMtMUItMU1EUw==&google_push=

170 B
232 B

16ms
16ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg4OUVNNVMtMUItMU1EUw==&google_push=

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg4OUVNNVMtMUItMU1EUw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E3F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJgLlbiy7PbF0CCl2kER6rg&google_cver=1

0
239 B

29ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJgLlbiy7PbF0CCl2kER6rg&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJgLlbiy7PbF0CCl2kER6rg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E3F0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=daILyvFyScOJcnZiH7oOCg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=daILyvFyScOJcnZiH7oOCg

43 B
479 B

37ms
37ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=daILyvFyScOJcnZiH7oOCg

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 22:17:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 995SGTSYHSJEP3FQME4B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=daILyvFyScOJcnZiH7oOCg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E3F0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/9yJeJldy1ivpD2mkmwTf8sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LRhRTMhE2oKgxtzNAtlWJvIzCGbp7N_Gi.yT7w--~A

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LRhRTMhE2oKgxtzNAtlWJvIzCGbp7N_Gi.yT7w--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 03 May 2023 22:17:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LRhRTMhE2oKgxtzNAtlWJvIzCGbp7N_Gi.yT7w--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E3F0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH89EM5S-1B-1MDS

0
866 B

150ms
110ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH89EM5S-1B-1MDS
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 22:17:55 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: ECC598D9F7FA4448A7F2CA81BA6CA8C3 Ref B: DUS30EDGE0320 Ref C: 2023-05-03T22:17:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX60W13XaDifaGff9rUZA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH89EM5S-1B-1MDS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E3F0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wlW3JyMbSn6FZ8pRBqGKrg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wlW3JyMbSn6FZ8pRBqGKrg

43 B
479 B

107ms
107ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wlW3JyMbSn6FZ8pRBqGKrg

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 22:17:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BZBM3J2RAH7J6PZREMQ4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=wlW3JyMbSn6FZ8pRBqGKrg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305010101&jk=4095677211877134&bg=!aGulaz_NAAYcDqajPA47ADkAdvg8Wm4t9LV56205OKM6Z9usyDJPQ7Jf1-A_GzSjhTyHSClQYxb4n6xL44D6InFn-0gLtXezdeACAAAATlIAAAACaAEHCgC1Y0uGcGJQaY6kHAGrLiATW825rCieWTtxCXflnypmtENu1LoVZKxwVPvr_d8pWsVX64DMhGNU5LCh4aLuwJpKKf0BxVKLctdpl9XS-rFZ8rOGgB1TiW6BEcCGU3V5dUycb4CTwkaobaPQ94l0DJhh_oLl2O20LkHAUixpEF7g1zCYPZEK4M3rpsYeXbJKskzfP5iTlCh3PM0T6xbW1z6YFqzBX2rVEOB5_EmcMsZfGSOuI-WgH5kCzKRSdvENKeblO13bS-hLXzMOxniFZ8d7vYzRngJXer8OVNrz2QpHzZa3pnRlTa78mwZvCWHRDk2QFCEYxF3ie0pnujc8DW9xXL55oRyw8xaRyXJ-ZS6QHfrQljJTF6qAGCeSNnWpdfw8JRbvjXa0UbGAP9ZGGmDvhxQ7xcNZzlDsXj36L0kybEH9nqRq_0oteV_l1_mFLDPZ7AfmwpDCtXx8jt-2tA3OC6-V3Tbc-qR5N3DtGXMCrI0fA2yx1ZTaqgLqS_hbHCDmxioevMGN8ZBOMj8mMMg7iNJfiA7iirW9U8iTO1y1yr4Z1tlj1XRf3o2CWBvs9ppbqbaUGSlQa6IHPv1HTTfS427henfuqwp2n3haULSPkAsdxau2hMBvfyvOdI3-NpJfnZg5WEqdoNshNzwkGQKKG-5yVjiylWgB4-qzSE8PgUtyYjKKv0Zjc0CS__F3Vu2-8nQ7bWnBP6bVdASBFhxwHWlWXDRNUQCve2GXVzLRzpg0k02CvDosgvh4j4PYnjuap8tms5de1LpeX35jH78totPZ5-vUg1JCA2SY-s86_PxrwhGd_kzb902rMk1tEXFrmkIvWASaaaY_ov40oPsyS0QtiYwc8nC3Bg-Y5xS591ms37-L6K8Chj407k5t1bXL4axiA7qzx_k8tz2j6r-4c_qf3WO4SAnN0oWoyTLLCz8EOxGnAI1yTpf4NAwEaECEvKGa1t2TmGWqM9xf0q1ecKQWI3DU4SS47baJxghPLpeXj1P7-yODaj_k4q4LfXwPxJ6uW3XaiGsjuK8Imhxnlci1RV57yOQh91c1qrsxQXXArC81cPSC2gvrh3xgzNXyWelcyQWMHkohpymOfju_Dil6nzggmQhpKZqMCLzVwK75xgDeajFumizDOgff0djGcuebCU3eaj4kAR6NLhCKXa5VFyWi3o840EXiJj4mnqIa3JqT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBCE 42 B
174 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxyOWXd8qeRJi3rZhdjuSEGEWpjmcax68W9_sJbOiPWXxlyldMbrIsvfBt8qm1oywosWqybkLq_cR6tUmMjilVTvJ2KXOET9uh46kiWBlY7jAf5hGu&sig=Cg0ArKJSzAOgupyF5ofeEAE&id=lidar2&mcvt=1000&p=12,315,262,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230503&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3574728437&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683152274259&rpt=117&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: auto.gemvpn.xyz
URL: https://auto.gemvpn.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 22:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content /
adspsp.com/pt/2634970/15/2/ 0
110 B 173ms
173ms Image
image/png 35.166.210.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/2634970/15/2/?a=2,a2lh89eluoX1nQS9qsjL,kvJ0Skkf8u&aa=00Gumh&b=1:1,28,U2374761c09ecab,adbridg_ad_adblntoplb_1,%2F4564944%2Flgbtqnation%2Fhome&e=&c=https%3A%2F%2Fauto.gemvpn.xyz%2F&d=&f=1.lh89elmk.1T7x.2Thg.3T15h&g=3T1xw&u=116e1332:lh6sexwl:3if&v=18g.xc.0.3qp.1.0&m=z&rnd=1683152275407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.210.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-210-191.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auto.gemvpn.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Server: linux
Connection: keep-alive
Content-Length: 0
Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0345 0
861 B 13ms
13ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 22:17:56 GMT
AN-X-Request-Uuid: b38dec0f-4ed8-49b9-80d7-55856a95bc50
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gemvpn.xyz/	1970-01-20 20:18:08	Name: _adb Value: a2lh89eluoX1nQS9qsjL
.onesignal.com/	1970-01-20 11:32:34	Name: __cf_bm Value: WuuXMjSnQe7aqPqfJL5JYT78L.lMtVda196f.Ba3abY-1683152273-0-AUX0Za9wXLor7mmiZoO4iT+/KjrYJASb4h0s6IvRE/+vPv2M1Bg3RJbFu/zalYpwWjdNgOTkaWtId1avGw5XrEI=
auto.gemvpn.xyz/	1970-01-20 21:08:32	Name: _omappvp Value: JSQQQcYclYWHdwSBhmUpgrRRyZddhRQ7vSEAMmHui6X3HhC7G3Ta3CdSjz7ctqI33LAQ6B810yFpr9LmmOnPjM5PZbJUGrDo
.gemvpn.xyz/	1970-01-20 11:33:58	Name: adbrgn Value: DEHE
auto.gemvpn.xyz/	1970-01-20 11:32:33	Name: _omappvs Value: 1683152273435
.gemvpn.xyz/	1970-01-20 11:32:34	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://auto.gemvpn.xyz/%22%2C%22sref%22:%22%22%2C%22sts%22:1683152273490%2C%22slts%22:0}
.gemvpn.xyz/	1970-01-20 21:01:56	Name: _parsely_visitor Value: {%22id%22:%22pid=46057374-2dcf-48fc-bd85-6a1a527f22b5%22%2C%22session_count%22:1%2C%22last_session_ts%22:1683152273490}
.quantserve.com/	1970-01-20 21:02:46	Name: mc Value: 6452dd91-7f835-a6ac3-91a16
auto.gemvpn.xyz/	1970-01-20 20:18:08	Name: cookielawinfo-checkbox-necessary Value: yes
auto.gemvpn.xyz/	1970-01-20 20:18:08	Name: cookielawinfo-checkbox-functional Value: yes
auto.gemvpn.xyz/	1970-01-20 20:18:08	Name: cookielawinfo-checkbox-performance Value: yes
auto.gemvpn.xyz/	1970-01-20 20:18:08	Name: cookielawinfo-checkbox-analytics Value: yes
auto.gemvpn.xyz/	1970-01-20 20:18:08	Name: cookielawinfo-checkbox-advertisement Value: yes
auto.gemvpn.xyz/	1970-01-20 20:18:08	Name: cookielawinfo-checkbox-others Value: yes
.gemvpn.xyz/	1970-01-20 20:57:01	Name: __qca Value: P0-1229294002-1683152273414
.rubiconproject.com/	1970-01-20 20:18:08	Name: khaos Value: LH89EM5S-1B-1MDS
.rubiconproject.com/	1970-01-20 20:18:08	Name: audit Value: 1\|naVuGyos1qoRSyWjVRD0onjc0/aJelRdbjRFtGIHH0vix8/D4moDzLR4GwU2Nxou1LCLSO8SGUg8IMsWxa0pVMxuhZpbWKLt+s7pySpqk98=
.adnxs.com/	1970-01-20 13:42:08	Name: icu Value: ChgIscx2EAoYASABKAEwkbvLogY4AUABSAEQkbvLogYYAA..
.adnxs.com/	1970-01-20 13:42:08	Name: uuid2 Value: 7167927866562856375
.gemvpn.xyz/	1970-01-20 21:08:32	Name: _ga_V18NBPRHD7 Value: GS1.1.1683152273.1.0.1683152273.0.0.0
.gemvpn.xyz/	1970-01-20 21:08:32	Name: _ga Value: GA1.2.1174966409.1683152274
.gemvpn.xyz/	1970-01-20 11:33:58	Name: _gid Value: GA1.2.1185182304.1683152274
.gemvpn.xyz/	1970-01-20 11:32:32	Name: _gat_gtag_UA_1203094_4 Value: 1
.gemvpn.xyz/	1970-01-20 20:18:08	Name: _hjSessionUser_1893332 Value: eyJpZCI6IjY3OWVlNDVlLTkwYTYtNWVhMC04ZjM2LTAwOWNiNTg5M2FkNiIsImNyZWF0ZWQiOjE2ODMxNTIyNzM3OTMsImV4aXN0aW5nIjpmYWxzZX0=
.gemvpn.xyz/	1970-01-20 11:32:34	Name: _hjFirstSeen Value: 1
.gemvpn.xyz/	1970-01-20 11:32:32	Name: _hjIncludedInSessionSample_1893332 Value: 0
.gemvpn.xyz/	1970-01-20 11:32:34	Name: _hjSession_1893332 Value: eyJpZCI6ImZjYjQzMWRmLTEwZGEtNGIzZS05YTE5LWY4NzdlYmM4NDI2NiIsImNyZWF0ZWQiOjE2ODMxNTIyNzM4MDAsImluU2FtcGxlIjpmYWxzZX0=
.gemvpn.xyz/	1970-01-20 11:32:34	Name: _hjAbsoluteSessionInProgress Value: 0
.gemvpn.xyz/	1970-01-20 20:54:08	Name: __gads Value: ID=5edc37ce0e336ef8:T=1683152274:S=ALNI_Mb6OZljfn1uACWcoLSVPrLBNHOrOQ
.gemvpn.xyz/	1970-01-20 20:54:08	Name: __gpi Value: UID=00000bf528828c03:T=1683152274:RT=1683152274:S=ALNI_MaKD_9N66m4cNEOOoJPAXQ6_lkNLA
.doubleclick.net/	1970-01-20 20:54:08	Name: IDE Value: AHWqTUn63K13DujnSlFYoh4YCQViq3VCHSrOaa94ydMkWzsqZuqw2fXlR64vXPml8oA
.yahoo.com/	1970-01-20 20:18:29	Name: A3 Value: d=AQABBJPdUmQCEOHt_ZgViNMw1H69t1abIf0FEgEBAQEvVGRcZAAAAAAA_eMAAA&S=AQAAAgm21lT8_IRK-6nWSv1Kcx4
.linkedin.com/	1970-01-20 20:18:08	Name: bcookie Value: "v=2&80577666-ec06-4007-8fcb-6d9c2a6f6ebd"
.linkedin.com/	1970-01-20 15:51:44	Name: li_gc Value: MTswOzE2ODMxNTIyNzU7MjswMjEqSLkgJnzV2s0+uwUu2ugJ0MakrHCVF3BkPjRlXjsUcg==
.linkedin.com/	1970-01-20 11:33:58	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2663:u=1:x=1:i=1683152275:t=1683238675:v=2:sig=AQG1B680HZ7_loyqy_dzOMi_HpQbqB2c"
.amazon-adsystem.com/	1970-01-20 21:08:32	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 17:22:27	Name: ad-id Value: A1A4FH3dw0QbnkdPwCm14yU

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://dyv1bugovvq1g.cloudfront.net/47/auto.gemvpn.xyz/.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.omappapi.com/v2/embed/40711/qun2nne3a2xz7mclcnpb Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.omappapi.com/v2/embed/40711/wwuruqctmkqmwftvq8q1 Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://auto.gemvpn.xyz/(Line 3) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload max-age=31622400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a092dce913a66865d9d2fe117a53023.safeframe.googlesyndication.com
a.omappapi.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
abuwjaawap.cloudimg.io
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
adservice.google.co.uk
adservice.google.com
adspsp.com
ap.lijit.com
api.omappapi.com
auto.gemvpn.xyz
bam.nr-data.net
brightcombid.marphezis.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.onesignal.com
cdn.parsely.com
cm.g.doubleclick.net
contextual.media.net
d15kdpgjg3unno.cloudfront.net
dfboipmnnah5o.cloudfront.net
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.adspsp.com
hb-api.omnitagjs.com
i.clean.gg
ib.adnxs.com
img.onesignal.com
js-agent.newrelic.com
lgbtqnation-assets.s3.amazonaws.com
match.adsrvr.org
onesignal.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod.adspsp.com
px.ads.linkedin.com
q-digital.videoplayerhub.com
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
ssc-cms.33across.com
ssc.33across.com
static.hotjar.com
stats.g.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lgbtqnation.com
108.138.1.25
108.138.4.150
13.248.245.213
13.32.27.49
13.32.99.23
142.250.186.38
142.250.186.98
15.197.193.217
151.101.193.108
151.101.66.137
162.247.243.29
178.128.135.204
18.193.173.250
18.198.174.134
18.66.100.58
18.66.112.92
18.66.97.53
185.255.84.150
185.89.210.180
2.18.235.93
2001:4860:4802:34::36
216.52.2.39
23.56.202.187
2400:52e0:1e00::1078:1
2600:9000:20eb:da00:3:aed2:1700:21
2600:9000:223c:ea00:6:44e3:f8c0:93a1
2600:9000:223e:b800:5:82fd:2500:21
2600:9000:2490:9a00:11:b309:9100:21
2600:9000:2490:fa00:1e:7118:9c80:93a1
2602:803:c003:200::51
2606:4700:20::681a:346
2606:4700:20::681a:832
2606:4700:20::ac43:4686
2606:4700:3033::ac43:a868
2606:4700::6812:d63b
2606:4700::6812:d73b
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9d
2a05:d018:d29:3602:feb5:e693:bc09:7eaf
2a06:98c1:3120::3
3.236.169.56
34.107.148.139
34.149.20.76
34.95.69.49
35.166.210.191
52.17.99.225
52.216.224.200
52.222.236.15
52.222.236.63
52.46.143.56
67.202.105.23
67.220.226.233
69.173.144.139
010232417c65b9fe5575b05cc45503818b57f0b9b08ba0af9d28006dd2ba1ed1
015066930e02a174b181bcc1c6ce5c151881c57be541ed32f641d97e672b7bf2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02fee94c1eba7afbec24a7937b3a43bc8a71ad0a90f13ffd7da10cd5f1786f3f
03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
04a93b12a645d07f4fb317582ecc4d739c1070aad68a46e69569aa1477076302
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05e78e055b18557a9102461c4f4ea15a43995d5dd8f3d12e169adaf1f3f77868
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078a2181e7a1f529142354675a992371903a768d16930b9392c7fc72da680fab
0a5c84fe649b14d96e13f821d43124e066af3a25facc7189737956f682c07721
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f4f7820fca74b7f87f72683e7a9a47d0a55bb6ec5eb72821e6048125a0fa2b1
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
1057e4f354e87601afb0d654f43d5305be92b50116d5bbfcd35e47f26024bdcb
1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed
1471c3ca7506b2b7c7e138d67069adf92d6f79ba2f7e6e621682e51387d776f2
1563de63068e769447daece44fa71e8cfe861ac1cafd1be5bce0d71007b5d0fe
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
171e358f6ae3926c731b24e04037707829bd2b4f4bbe2b9dac5eeed5a9eb3fdc
173e480c8155229cba065125c797fc03ed7c755acabcb148f2d0745ade9fed8f
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1ad80e243b7deca52718ccec392c5984b03fe92e8be029d5b8eda64fb05f5ad1
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0bdf59b1ce2c43507c42dfc11f73185ab3b04717399db2544c458df3c1dfd8
1d5bf5ce030a13df68a1bbf0ce7d5de401286cd1bcadec535ef7306da88888d6
1e7e6536b9e185170f0846482b8b50e4eadfdcf096a0cfece62b946d43750282
282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41
2a2d07fabd119cc7e447abf4e4388c83bc295cd956480cea99ad3de61287cd15
2ce8909a049ace173a84028f641512180c566c4a947d6c4360889d0faba214cd
2ded5124597b6d194f60e23c9cbe44b9f150ff0695068581e1f477582b2ecf04
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a7301ef69acc2e8bb32e2a831ab0d20cf143e7dadc8a32cb646d3adfc947ba
35f2f2368016ce645c562760615bf6da82527619fc85092f59df11f867183c77
37b77089e6d1285acd9d8b59b5d9340204de9ef85387698a28315e630c18f34a
39b2a4ee2647a0ba753cef06d89128cb59585e2422c85cc585b313efcce1dbfe
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d4d794b436e41d1945f5c560956cf6667f2e91790ca12cca9f42160425bbc6e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e74df990fc2870bec563c9c8f7e343dcda30fd8e4689aeeab5e82b060d714d6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4174e057be4e64a6ceda295202ffbfc9cae69ba3015568c6cdbdd200f642ec33
41961eb9e8787489bf7cdb2cc200741edd327c62d55832a446fb40b673b5d32a
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
484d2a59ebf4bec600c4d20aed383a0a38ee33d6d7043d31c0fcc423143222b3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
505799011939a803e0c6fb372c5b0ed517e7c41f88275dfec40e42322b62a7d3
51aaa102a38e781229d7ccf4572538d580f51d9edb2c59fdd94875f0a0c4d322
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
51fd7b25448f19b4acdd747a7491910a41e9fb06a1601b6e430b04a957b561d1
53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e88320751e3d91706367442e5df402ef8c51454ebc0161e7627ceba85bc1da
5811967f540d300d249ab30ae681359a7815fdb5d3dc71a94be1d491006a6b27
586eb2459d2ce523d33189b54dc22d3a287a814e82db1eb6663469828ff5653a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5be1466bde89a788e7fb321790b7ecd0d24214a5a8571f8f0f9ae322addac0ee
602148a87fffbf043822bdc441ce5b709cb41db4e203be40ec381a1ebf29a8e0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62af8ad971cb7d59cde886031e7c5526f814537f33a3c1b3e5bb72ae5940e66e
674492bb351bc3c8328b014f9ad016d26361a9da7599de0f0af8dfdbb7b99d48
67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
71977ff12332da95182280f8d1de08bd64102999298c7b14bf1500c885a47ca5
73d16488d186dafad0d8dffc5f86b94e0c35d413be4b1741bc3df9242740c170
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747a3bba65f5fa699a05b34f7d60088ed3c5748004e2a8e43b1bf7778a130281
75000e96e6f6234ea2ae0454bc85b2f9796829b7191ba1cab893522f6c776062
7b14f39501d672924b7aa33ee8619892cc29467109d35147520b9641564c0ad3
7bab3a5f1889bcc91ab6563837a4b1b827239d8d5bb61741f6d4d7417c32ab55
7c072d42d70e55e36649a611c71449fade8f374eb1378b60b320ff1f2372c302
7c83cd5b6248eb2fc10c433d97714f8242976167142185be6285eaf956caf745
7d0cecd5e0748660f3aeea01981c4ee5e5150558a2281c0d5e5c3c3877eebd3d
802c95f9cbdcf9e286b3cbf423448376fe90991e1a7ea6305049991fc566a13b
8054bde23ce4fab74f3b298fb0c65091af2f3d400d0151c1c27642cec86ef514
84862f92bb17582c5bdfe677ce02a0fcb15c431f2479f54361fed78f41f9177c
8c5c88c6307b95428f2b8c752ef81f522d04390378cb8967db0a5f1834aac69d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc2686a6924f4ce352926fea49d2f463d302fce7a04f72bf9a61e19030b5ffd
8e2b5e4e1553a10c0ffdc5a48105399af3ad9fa651c0adbe29745cca57c87c00
90cc26f6c16ba3e4fd9be51d540a190ac8bfe09372758e7548a371bff73e14b0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9397b2b387738e9fe57a739486fa8738d5d9f4e64618bcbfc32b4a0704e4a0ed
93fa7f62f463a5096444715d966ef354ce69d6626dbb8b2c54c0ff4b8efd25b2
981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae
98fdb39d4187158aee8f3d65a6eff96564ccdf4126d3e04aa71a4650b14268c8
9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a850737601f3d30ad42147f68ef1ba63466ca56b816586366881d5d579551ecd
a97229c9e958921d471be27b553f9b36b694b2c113802357baa400ac871d930b
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ac8d24bc675e652069a3dde9386e2b0bcd4cb4e7e733a12583f1a428bc72ed4f
af52927fdd499ef10839eb3fb1fb14861115d6ef8017a37b8939c2a3d4700e8c
af737ee5d9d71c2396304cc8f9b159e238fb2f6b49192db9378adeb5a249a1e9
b3bc614d49c7aca41b773db1425a187f7b0ee3e431d5858d965a8ce73ef29821
b5d1743ca0b4b8db7aa3d4aee6aec8e0054dfd2abfa97ad8dd70693656be88c4
b6047eb3716ad9bd80022dd0c86875f17e10073f63bc84f6c3f299e1074c6f30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf00119465854900a4c7dfdbb306d83fc5844d8c7d7aaf164b429c26ee9a0d0c
c10d1a2842704c450e3cc9cde4d7cba033268da3d5e1cf46d6819cd8b5ca28a4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4074606040c859be816705f57d552c550b252f1f05513ed7fe931e8d2903080
c6c3342285049f5853f348e007471b75ec2a5d3966dbe7fc3e908fc530bcac37
c778bda3094da12779de09d802a68b515e0a90d419fb4847f1289560ec56db39
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce140ac48b3492e399d34cb78d7eb1c5893dfa69e632d93aa1b4fdfa86d9cdc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c1371b4395531a7e06bc774c623780aa4236499573c100def4155051d22ebb
d275cf281ca7b82e99a6ac994e58221479ea0eaf3777d64bcd103c90475d22e2
d7c20247857c9627b5552e890b46e76d22ae989102eeffb9ab5f62df6b1c9002
d7edc652255681b3c2edb94fbf1e8e1e6594a4ab50bac7e9c6ae96cd6899d5e3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
dcced8c57bb7b1624d7cc67afde6a78dfda2112b56ffddee38148aca180ce4b8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d59782968fe887a66eb653b45b9162a2c44dcd407152c68657bbb54d38d272
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05
e6ad82300e1749f04ee29217e24165735cb57fbfbd7e951c4243e4006a06e1e8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174
ead6a381eba40a9adfd275e8e76149eb403ca81d2dbf79e2126f5ea5bab553c3
eb98e186ac26f3c45bf690ff488f9d1d73de6b0d973afccc2228e462f7951bc1
ed4a940faeaa3dc23dad3af003a54680db0da12d22214094dc171e0d10c3ca12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8f1e1909fe26e2d507b01748c27a1c20bfec5301fbe30fb3f1e87f87c2a7a
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2
f820748946db28779e63d24e41128bf58612ce7187463ae22f7dde5cc0755ddc
fb27b39c4e5aa8be014a6a5437bb55ef383906b8bb28d5405d5254d10bcd96d7

auto.gemvpn.xyz Open in urlscan Pro 2606:4700:3033::ac43:a868 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

177 Requests

95 %HTTPS

48 %IPv6

41 Domains

70 Subdomains

66 IPs

6 Countries

1903 kBTransfer

4556 kBSize

37 Cookies

56 Outgoing links

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

auto.gemvpn.xyz Open in urlscan Pro
2606:4700:3033::ac43:a868 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

95 %
HTTPS

48 %
IPv6

41
Domains

70
Subdomains

66
IPs

6
Countries

1903 kB
Transfer

4556 kB
Size

37
Cookies

177 HTTP transactions
1 data transactions