exchange-gemini.casa Open in urlscan Pro
104.219.248.111 Public Scan

URL:
https://exchange-gemini.casa/
Submission: On April 21 via manual (April 21st 2021, 2:15:10 pm UTC) from US

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 29 HTTP transactions. The main IP is 104.219.248.111, located in United States and belongs to NAMECHEAP-NET, US. The main domain is exchange-gemini.casa.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 20th 2021. Valid for: a year.

This is the only time exchange-gemini.casa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.219.248.111 104.219.248.111	22612 (NAMECHEAP...) (NAMECHEAP-NET)
4	13.224.102.14 13.224.102.14	16509 (AMAZON-02) (AMAZON-02)
1	104.111.232.231 104.111.232.231	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.102.6 13.224.102.6	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:1bd::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
2	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.18.63.80 52.18.63.80	16509 (AMAZON-02) (AMAZON-02)
29	19

4 104.219.248.111 (United States)

ASN22612 (NAMECHEAP-NET, US)

exchange-gemini.casa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.102.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-14.zrh50.r.cloudfront.net

static.gemini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.232.231 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-231.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-6.zrh50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:1bd::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.63.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

canarytokens.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gemini.com static.gemini.com	53 KB
4	exchange-gemini.casa exchange-gemini.casa	769 KB
2	mixpanel.com api.mixpanel.com	488 B
2	facebook.net connect.facebook.net	96 KB
1	canarytokens.org canarytokens.org	238 B
1	optimizely.com cdn.optimizely.com	12 KB
1	linkedin.com px.ads.linkedin.com	630 B
1	google.de www.google.de	108 B
1	google.com www.google.com	108 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	sc-static.net sc-static.net	6 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	typography.com cloud.typography.com
29	18

	Domain	Requested by
4	static.gemini.com	exchange-gemini.casa static.gemini.com
4	exchange-gemini.casa	exchange-gemini.casa
2	api.mixpanel.com	exchange-gemini.casa
2	connect.facebook.net	exchange-gemini.casa
1	canarytokens.org	exchange-gemini.casa
1	cdn.optimizely.com	exchange-gemini.casa
1	px.ads.linkedin.com	exchange-gemini.casa
1	www.google.de	exchange-gemini.casa
1	www.google.com	exchange-gemini.casa
1	googleads.g.doubleclick.net	exchange-gemini.casa
1	www.googletagmanager.com	exchange-gemini.casa
1	www.google-analytics.com	exchange-gemini.casa
1	static.ads-twitter.com	exchange-gemini.casa
1	snap.licdn.com	exchange-gemini.casa
1	sc-static.net	exchange-gemini.casa
1	www.redditstatic.com	exchange-gemini.casa
1	www.googleadservices.com	exchange-gemini.casa
1	cloud.typography.com	exchange-gemini.casa
29	18

This site contains links to these domains. Also see Links.

Domain
gemini.com

Subject Issuer	Validity	Valid
exchange-gemini.casa Sectigo RSA Domain Validation Secure Server CA	`2021-04-20` - `2022-04-20`	a year	crt.sh
exchange.gemini.com GlobalSign Extended Validation CA - SHA256 - G3	`2019-07-23` - `2021-09-23`	2 years	crt.sh
*.typography.com DigiCert SHA2 Secure Server CA	`2020-04-26` - `2021-07-26`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-07-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
canarytokens.org R3	`2021-04-13` - `2021-07-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://exchange-gemini.casa/
Frame ID: 5D6ED9128A4C842EE44EF564169794F3
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

29
Requests

90 %
HTTPS

50 %
IPv6

18
Domains

18
Subdomains

19
IPs

3
Countries

1015 kB
Transfer

3431 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://gemini.com/legal-notice
Title: Legal Notice

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exchange-gemini.casa/ 9 KB
3 KB 552ms
191ms Document
text/html 104.219.248.111
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.111 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache /
Resource Hash: 1fbec168c4a828f7d8647c3e15ff597c2b3b85d075fc69d0269eb64f30226572

Request headers

:method: GET
:authority: exchange-gemini.casa
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:50 GMT
server: Apache
last-modified: Wed, 21 Apr 2021 07:20:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3139
content-type: text/html

GET
H2 200 0.abe03b2b776b238a6f07.css
static.gemini.com/js/ 155 KB
38 KB 272ms
49ms Stylesheet
text/css 13.224.102.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.gemini.com/js/0.abe03b2b776b238a6f07.css

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-14.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

04128ff71f16cf30b0e4e0217d68716f34422c657b8b85720cefce30c7b9024c

Security Headers

Name	Value
Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 22:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402216
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d7d69a7ade5f31a64e639fb54bf96df80948a16f"
strict-transport-security: max-age=15552000; includeSubDomains; preload;
content-type: text/css; charset=UTF-8
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: pEKhcu3cvlBFHUBUyE_XrZ_ZWhjHRLZ7P9K3r2RS_S25A5jnOSPdCw==
x-content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com

GET
H2 200 48.5cd6a969d9d398649b56.css
static.gemini.com/js/ 18 KB
6 KB 286ms
63ms Stylesheet
text/css 13.224.102.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.gemini.com/js/48.5cd6a969d9d398649b56.css

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-14.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

bc3a7b2f0eaf8aa9f0caa35f369cb10126720c927c2d13ecef79a17e54fb884f

Security Headers

Name	Value
Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 22:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402104
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"d769b43b76e8b66920041632cac79a85e256ce2d"
strict-transport-security: max-age=15552000; includeSubDomains; preload;
content-type: text/css; charset=UTF-8
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PesEy8-MCO83kInIvydLv8tPWZ2lKAVQCnBVFMfS5Ok0FjtleG1bgA==
x-content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/7630154/729946/css/ 0
0 154ms
27ms Stylesheet
text/html 104.111.232.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/7630154/729946/css/fonts.css
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.232.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-231.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 59ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13836
x-xss-protection: 0
server: cafe
etag: 11500755331297449547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Apr 2021 14:14:51 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 20 KB
7 KB 140ms
31ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 01 Apr 2021 21:20:31 GMT
server: snooserv
etag: "f130bbfe131c22854e51f461d761041d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 6670

GET
H2 200 330632917740535 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 126ms
112ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/330632917740535?v=2.9.39&r=stable

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a440636342aa6bdc7a0074fe73bfa9e4ed6592e1d58e90dde7dd2cec1f1757d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: V6KCHiFB4hOgONgqvHv3hyJVTPkhmHc25cpWcHGNk/7w3CsS8VYJ339tB+ZZjrm9Z0rl3EZNwj2goXcJ4/4O1w==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 21 Apr 2021 14:14:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 75ms
61ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23963
x-fb-rlafr: 0
pragma: public
x-fb-debug: 8cpanplKYynVbRK4KLKPRQ9iHtUGyGfZ71EU2N09Pp8u+v53TDpoNU+TNQyCPi5374kFpNL1Cbu+oltmaNd7kw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 21 Apr 2021 14:14:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 14 KB
6 KB 167ms
59ms Script
application/javascript 13.224.102.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-6.zrh50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5720
via: 1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
x-amz-cf-id: RO3m_F8gmwIVdSmTtkvKBDoHJ1kJIxatH8Cu8FGoaV2XcqleHI1y_w==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 50ms
38ms Script
application/x-javascript 2a02:26f0:7100:1bd::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1bd::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:14:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35842
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 65ms
52ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 48202
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1619014491.395923,VS0,VE0
x-served-by: cache-hhn11528-HHN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4897
date: Wed, 21 Apr 2021 12:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 14:53:14 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 83ms
71ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-538501539

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4b403ea20d346c6f44a64fd4fc094d512ff34dfa7b86f804d26175051498496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34043
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Apr 2021 14:14:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/ 2 KB
1 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/538501539/?random=1618985855086&cv=9&fst=1618985855086&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&ref=https%3A%2F%2Fwww.gemini.com%2F&tiba=Gemini%20-%20Sign%20In&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a0c2de27f3517e3eb931af3c58360ad8b208d57d3cf57d27f4501081376c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime.b1c05216fe547cfd7233.js Show response
static.gemini.com/js/ 1 KB
3 KB 306ms
84ms Script
application/javascript 13.224.102.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.gemini.com/js/runtime.b1c05216fe547cfd7233.js

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-14.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

a9b6795b69a80d382012a46fe476b516cb908db6a8116b8616ff040ebbf9401e

Security Headers

Name	Value
Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ static.gemini.com www.gemini.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ static.gemini.com www.gemini.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 00:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10417466
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"901744fdc3fbc384754ca19d9bd95ae019a8ab5b"
strict-transport-security: max-age=15552000; includeSubDomains; preload;
content-type: application/javascript; charset=UTF-8
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ static.gemini.com www.gemini.com
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: zeeAIvdEao_xg19g1qwAmgzrBa_mcB4OdIOArmpy2lsxn3LV6qVIAA==
x-content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ static.gemini.com www.gemini.com

GET
H2 200 0.abe03b2b776b238a6f07.js Show response
exchange-gemini.casa/ 3 MB
749 KB 330ms
317ms Script
application/javascript 104.219.248.111
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange-gemini.casa/0.abe03b2b776b238a6f07.js
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.111 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache /
Resource Hash: 6ce85011291a6d4c99d8bb1097590835f85cec503f1bb82fd6ba6f8181a847aa

Request headers

:path: /0.abe03b2b776b238a6f07.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: exchange-gemini.casa
referer: https://exchange-gemini.casa/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 07:26:15 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 4.1d6ba8e3b3806d05b785.js Show response
static.gemini.com/js/ 9 KB
6 KB 300ms
78ms Script
application/javascript 13.224.102.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.gemini.com/js/4.1d6ba8e3b3806d05b785.js

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-14.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ca3aed5dcfca830ff302153ae981c2f24cdfb41cfb229f518f391fa95a4daac8

Security Headers

Name	Value
Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload;
X-Content-Security-Policy	report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com .doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com .doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 22:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402131
x-cache: Hit from cloudfront
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"58bea2beb899e400ae4c0c474b4d1e9cb528152b"
strict-transport-security: max-age=15552000; includeSubDomains; preload;
content-type: application/javascript; charset=UTF-8
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: tBZLQUTMJeFb2XxxyaKCVGVgsjMjGN6cnwf42bbCNDeil_02_CucWQ==
x-content-security-policy: report-uri /collect-csp; script-src 'self' https://static.gemini.com https://www.google-analytics.com https://cdn.sift.com/s.js https://connect.facebook.net https://try.access.worldpay.com https://access.worldpay.com https://www.googletagmanager.com/ https://sc-static.net/ https://www.googleadservices.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com; font-src 'self' data: https://static.gemini.com static.gemini.com; connect-src 'self' https://api.mixpanel.com/ https://cdn.optimizely.com/ https://logx.optimizely.com/v1/events https://api.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://www.google-analytics.com *.doubleclick.net/ wss://api.gemini.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://static.gemini.com static.gemini.com; object-src 'self'; default-src 'self'; frame-src 'self' https://gemini.com https://www.gemini.com https://connect.facebook.net https://www.facebook.com https://try.access.worldpay.com https://access.worldpay.com https://secure-test.worldpay.com/ https://centinelapi.cardinalcommerce.com https://tr.snapchat.com/; img-src 'self' data: blob: https://gemini.com https://www.gemini.com https://static.gemini.com https://www.google-analytics.com https://hexagon-analytics.com https://www.facebook.com *.doubleclick.net/ https://www.redditstatic.com https://alb.reddit.com static.gemini.com www.gemini.com

GET
H2 200 48.5cd6a969d9d398649b56.js Show response
exchange-gemini.casa/ 16 KB
6 KB 184ms
170ms Script
application/javascript 104.219.248.111
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange-gemini.casa/48.5cd6a969d9d398649b56.js
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.111 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache /
Resource Hash: c44a6fa30ca9ca9d8bdce0a240cbd96f2c6f461c6d9f19f818a9a9bac045cc84

Request headers

:path: /48.5cd6a969d9d398649b56.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: exchange-gemini.casa
referer: https://exchange-gemini.casa/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 07:14:17 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5958

GET
H2 200 /
www.google.com/pagead/1p-user-list/538501539/ 42 B
108 B 65ms
53ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/538501539/?random=1618985855086&cv=9&fst=1618984800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&ref=https%3A%2F%2Fwww.gemini.com%2F&tiba=Gemini%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3834905940&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/538501539/ 42 B
108 B 47ms
36ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/538501539/?random=1618985855086&cv=9&fst=1618984800000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=768&u_w=1366&u_ah=738&u_aw=1366&u_cd=24&u_his=4&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fexchange.gemini.com%2Fsignin&ref=https%3A%2F%2Fwww.gemini.com%2F&tiba=Gemini%20-%20Sign%20In&async=1&fmt=3&is_vtc=1&random=3834905940&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 14:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET af7ae505a9eed503f8b8e6982036873e.woff2
static.gemini.com/js/ 0
0

GET
H2 200 collect
px.ads.linkedin.com/ 0
630 B 190ms
189ms Image
application/javascript 2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1619014491607&url=https%3A%2F%2Fexchange-gemini.casa%2F
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:51 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: Xj6jMRrldxYQ3OY/kSsAAA==

GET fee66e712a8a08eef5805a46892932ad.woff
static.gemini.com/js/ 0
0

GET b06871f281fee6b241d60582ae9369b9.ttf
static.gemini.com/js/ 0
0

GET
H2 200 / Show response
api.mixpanel.com/decide/ 65 B
330 B 124ms
52ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=d63e727b7647b63c44007c4c8876cb81&ip=0&_=1619014492928
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/0.abe03b2b776b238a6f07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 14:14:53 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://exchange-gemini.casa
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
158 B 155ms
122ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2V4Y2hhbmdlLWdlbWluaS5jYXNhLyIsIiRicm93c2VyX3ZlcnNpb24iOiA4OSwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjIyLjQiLCJkaXN0aW5jdF9pZCI6ICIxNzhmNGM4YTJkMTRhYy0wNTc3ZTkzZTZiZGYwYS01NzcxZTMzLTFkNGMwMC0xNzhmNGM4YTJlZTFkMyIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogImh0dHBzOi8vZXhjaGFuZ2UtZ2VtaW5pLmNhc2EvIiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiZDYzZTcyN2I3NjQ3YjYzYzQ0MDA3YzRjODg3NmNiODEifX0%3D&ip=0&_=1619014492998

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/0.abe03b2b776b238a6f07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Wed, 21 Apr 2021 14:14:52 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://exchange-gemini.casa
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 1

GET
H2 200 Wnjm8Romn7vp6Hiq3xwXXL.json Show response
cdn.optimizely.com/datafiles/ 72 KB
12 KB 31ms
14ms XHR
application/json 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/Wnjm8Romn7vp6Hiq3xwXXL.json

Requested by

Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/0.abe03b2b776b238a6f07.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ffb0b418c56b83279ae8f993a7f5654b28e2236dce0057ff69009160bfc9f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: application/json, text/plain, */*
Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: kUqOSzGKEfCOh2fOZ7t5u6aXk.tsRmqp
content-encoding: gzip
etag: "6dd990d91104094aa314c8c22ef11497"
x-amz-request-id: QNJXTNXW8PQY4EG5
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1749
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 11533
x-amz-id-2: UUaRROuAxsFTBZ6GRvr4RvqPYUzAjPFI9+ljx8R7PEcVTTRgfIi5K7Br/McxODB2Zz/Wq9ZIjnY=
last-modified: Mon, 19 Apr 2021 22:02:07 GMT
server: AmazonS3
date: Wed, 21 Apr 2021 14:14:53 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H/1.1 200
OK 5sqq2etpe8h8yxvkq2soetnk8.jpg
canarytokens.org/ 43 B
238 B 772ms
687ms Image
image/gif 52.18.63.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://canarytokens.org/5sqq2etpe8h8yxvkq2soetnk8.jpg?l=https://exchange-gemini.casa/&r=
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.18.63.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 14:14:54 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H2 404 / Show response
exchange-gemini.casa/sentry/api/7/store/ 10 KB
10 KB 194ms
193ms Fetch
text/html 104.219.248.111
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange-gemini.casa/sentry/api/7/store/?sentry_key=abfac61979bc4c90aeb4b67a59ed0e61&sentry_version=7
Requested by: Host: exchange-gemini.casa
URL: https://exchange-gemini.casa/0.abe03b2b776b238a6f07.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.248.111 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache /
Resource Hash: 7421cc4a92468f39f960162ef42ba84256c90e1dae6e6b96d3d4c389726cecec

Request headers

sec-fetch-mode: cors
origin: https://exchange-gemini.casa
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 2216
:path: /sentry/api/7/store/?sentry_key=abfac61979bc4c90aeb4b67a59ed0e61&sentry_version=7
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: exchange-gemini.casa
referer: https://exchange-gemini.casa/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://exchange-gemini.casa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Apr 2021 14:14:53 GMT
server: Apache
accept-ranges: bytes
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.gemini.com
URL: https://static.gemini.com/js/af7ae505a9eed503f8b8e6982036873e.woff2

Domain: static.gemini.com
URL: https://static.gemini.com/js/fee66e712a8a08eef5805a46892932ad.woff

Domain: static.gemini.com
URL: https://static.gemini.com/js/b06871f281fee6b241d60582ae9369b9.ttf

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.redditstatic.com/ads/pixel.js(Line 1) Message: Reddit Pixel Error:Pixel was not initialized.Please ensure you have included the correct pixel script in your head tag

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
canarytokens.org
cdn.optimizely.com
cloud.typography.com
connect.facebook.net
exchange-gemini.casa
googleads.g.doubleclick.net
px.ads.linkedin.com
sc-static.net
snap.licdn.com
static.ads-twitter.com
static.gemini.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
static.gemini.com
104.111.232.231
104.219.248.111
13.224.102.14
13.224.102.6
142.250.186.34
151.101.113.140
199.232.136.157
2620:119:50e1:101::6cae:b25
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2008
2a00:1450:4001:82b::2003
2a02:26f0:7100:19a::13b8
2a02:26f0:7100:1bd::25ea
2a03:2880:f013:d:face:b00c:0:3
35.190.25.25
52.18.63.80
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
04128ff71f16cf30b0e4e0217d68716f34422c657b8b85720cefce30c7b9024c
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
1fbec168c4a828f7d8647c3e15ff597c2b3b85d075fc69d0269eb64f30226572
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
38c9e8d2dfaf439f732463b5ae80c7d5da32bd8594172a56041794f080b2a3bc
3ffb0b418c56b83279ae8f993a7f5654b28e2236dce0057ff69009160bfc9f3e
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6a440636342aa6bdc7a0074fe73bfa9e4ed6592e1d58e90dde7dd2cec1f1757d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce85011291a6d4c99d8bb1097590835f85cec503f1bb82fd6ba6f8181a847aa
7421cc4a92468f39f960162ef42ba84256c90e1dae6e6b96d3d4c389726cecec
8a0c2de27f3517e3eb931af3c58360ad8b208d57d3cf57d27f4501081376c62b
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
a9b6795b69a80d382012a46fe476b516cb908db6a8116b8616ff040ebbf9401e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bc3a7b2f0eaf8aa9f0caa35f369cb10126720c927c2d13ecef79a17e54fb884f
c44a6fa30ca9ca9d8bdce0a240cbd96f2c6f461c6d9f19f818a9a9bac045cc84
ca3aed5dcfca830ff302153ae981c2f24cdfb41cfb229f518f391fa95a4daac8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b403ea20d346c6f44a64fd4fc094d512ff34dfa7b86f804d26175051498496
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

exchange-gemini.casa Open in urlscan Pro 104.219.248.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

90 %HTTPS

50 %IPv6

18 Domains

18 Subdomains

19 IPs

3 Countries

1015 kBTransfer

3431 kBSize

0 Cookies

1 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

exchange-gemini.casa Open in urlscan Pro
104.219.248.111 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

90 %
HTTPS

50 %
IPv6

18
Domains

18
Subdomains

19
IPs

3
Countries

1015 kB
Transfer

3431 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions