geminiduplication.com Open in urlscan Pro
3.161.82.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://geminiduplication.com/public/records
Submission: On May 17 via manual (May 17th 2024, 4:13:56 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 44 HTTP transactions. The main IP is 3.161.82.11, located in United States and belongs to AMAZON-02, US. The main domain is geminiduplication.com.
TLS certificate: Issued by R3 on May 1st 2024. Valid for: 3 months.

This is the only time geminiduplication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	3.161.82.11 3.161.82.11	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:440... 2606:4700:4400::ac40:9542	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	52.49.32.11 52.49.32.11	16509 (AMAZON-02) (AMAZON-02)
44	8

21 3.161.82.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-11.fra56.r.cloudfront.net

geminiduplication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::ac40:9542 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.whatfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whatfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.32.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-32-11.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	geminiduplication.com geminiduplication.com	661 KB
14	whatfix.com cdn.whatfix.com — Cisco Umbrella Rank: 8624 whatfix.com — Cisco Umbrella Rank: 7219	2 MB
4	gstatic.com fonts.gstatic.com	95 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6508 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5812	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
0	gemini.legal Failed gemini.legal Failed
44	7

	Domain	Requested by
21	geminiduplication.com	geminiduplication.com
10	cdn.whatfix.com	geminiduplication.com cdn.whatfix.com cdnjs.cloudflare.com
4	whatfix.com	cdnjs.cloudflare.com
4	fonts.gstatic.com	fonts.googleapis.com
1	rum-collector-2.pingdom.net	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	geminiduplication.com
1	fonts.googleapis.com	geminiduplication.com
1	rum-static.pingdom.net	geminiduplication.com
0	gemini.legal Failed
44	9

This site contains links to these domains. Also see Links.

Domain
form.asana.com

Subject Issuer	Validity	Valid
geminiduplication.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.whatfix.com Go Daddy Secure Certificate Authority - G2	`2023-10-30` - `2024-11-16`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://geminiduplication.com/public/records
Frame ID: FC01CA3C4C4F06CA92C89466A1F872CF
Requests: 40 HTTP requests in this frame

Frame: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/embed/C624B0918EBFE4AB82833F56632134FE.cache.js
Frame ID: EEF56D9C391A90EF05992C4C2F26A931
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Page Statistics

44
Requests

98 %
HTTPS

71 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

2547 kB
Transfer

7733 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://form.asana.com/?k=_3caL13S49J0rIOEKavocA&d=30126573295575
Title: click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://geminiduplication.com/?_rsc=6dv3b HTTP 0
http://gemini.legal/

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request records Show response
geminiduplication.com/public/ 97 KB
19 KB 646ms
586ms Document
text/html 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: / Next.js
Resource Hash: 50d2eaf7c35c3efed97c7096765a49a553910a72028aabdb2b80a53bfef92ac5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: s-maxage=31536000, stale-while-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 16:13:49 GMT
etag: "2aolgwnqbc24kp"
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-id: YH7HDFEtHoTFHstJYljJwf8z-idqRziW17rZFS56l2UKN4cq5aRBaQ==
x-amz-cf-pop: FRA56-P10
x-cache: Miss from cloudfront
x-nextjs-cache: HIT
x-powered-by: Next.js

GET
H2 200 image
geminiduplication.com/_next/ 4 KB
4 KB 582ms
581ms Image
image/webp 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiduplication.com/_next/image?url=%2Fsml%2Fsml_gemini_logo_white.png&w=256&q=75

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-11.fra56.r.cloudfront.net

Software

Resource Hash

b3b2f09805971b4e179a3442e5f05a08b1d518457cc7b1798a53611cfb0c5f68

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
etag: s7LwmAWXG04XmjRC5fBaCLHVGEV8x7F5ilNhHPsMX2g=
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="sml_gemini_logo_white.webp"
content-length: 3730
x-amz-cf-id: lrFRe9-mS4F9asQfOmNqFC6fVf9-c0lP5GoU7tjbpbzMXV035nb0aw==

GET
H2 200 0d19ee271e0bb8c9.css
geminiduplication.com/_next/static/css/ 5 KB
2 KB 582ms
582ms Stylesheet
text/css 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/css/0d19ee271e0bb8c9.css
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 19506ea4d99105ebfaf04a56d20a792ba35ef0432911e520039de8fe4201aa58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"122b-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: dRzNTbc48097fW7hjvUL9K4rNZ3PkbWDJQOqxDCpnTXB1bex7R2zcQ==

GET
H2 200 webpack-e789db56ff17d520.js Show response
geminiduplication.com/_next/static/chunks/ 4 KB
2 KB 598ms
598ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/webpack-e789db56ff17d520.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 53cdad1addd2fde5ef69d7079d02ae5272d943c43d2157d7aa73962adad0a4de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"e99-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: xPOTNM_usVPB13mkYgYdssitP283_5TfDHKB09bVSK2ehal2ikN8GQ==

GET
H2 200 1dd3208c-e4f40ce617642a66.js Show response
geminiduplication.com/_next/static/chunks/ 169 KB
53 KB 168ms
168ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/1dd3208c-e4f40ce617642a66.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 928ad76603d098aa510d4f476704a3b9e16723e1c64f6b88e4b2295ac1c7fb72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"2a320-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: WSF-vwAJK96mzaBrGANS8OWzkkS1Wd7zOnVqjFs_J7oDo4rf4j6hJw==

GET
H2 200 286-cb6fcebb98a9ec28.js Show response
geminiduplication.com/_next/static/chunks/ 119 KB
31 KB 595ms
593ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/286-cb6fcebb98a9ec28.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 91529ee91dbe568411aafddd6ad85b6970c0d3972206ca205268193b97257978

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"1dcfe-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: hFhcvYDor7cb1Js_rVq444fyAqbkD_cSJaHrd0b7W-g12QzYmGtZoA==

GET
H2 200 main-app-7c01d965ba3fa32f.js Show response
geminiduplication.com/_next/static/chunks/ 473 B
842 B 590ms
588ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/main-app-7c01d965ba3fa32f.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: c669974fb82e0c138826c9c0e871ba31abdc8d774988cf276a552a9d944b1131

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"1d9-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 473
x-amz-cf-id: KNRP2ei3jbXbHTGuuircbFuFCDozgSzagLCc0kT_0WB2pY6KPF47uQ==

GET
H2 200 77122cfd-d70b8815f2ba7566.js Show response
geminiduplication.com/_next/static/chunks/ 632 B
1001 B 592ms
590ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/77122cfd-d70b8815f2ba7566.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: d43d40b49ca923a9777720b9bed758a6c0418d30fad059f3d30bd1d6e5fd5064

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"278-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 632
x-amz-cf-id: IShOoskV2plo1wYcsksNuehy1xE_v1_xX_43qHPFCRfk8hMZQE928Q==

GET
H2 200 5a80076f-59ef3f6b45fbfb44.js Show response
geminiduplication.com/_next/static/chunks/ 3 KB
2 KB 601ms
599ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/5a80076f-59ef3f6b45fbfb44.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: aca8d2e755dde9c178e932d2b2f3c1f981cdf5e2102cd083897c006b8975a3fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"af5-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: LmTFCczMG79r2VcdnwbnaEv-Sxse7qTjLHHCZ9Kv_Cssm6P0bZ6jHg==

GET
H2 200 864d5303-cb3e1ffc0708303a.js Show response
geminiduplication.com/_next/static/chunks/ 2 KB
1 KB 616ms
614ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/864d5303-cb3e1ffc0708303a.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: daef2a18f219581093c5daa9291622f063fbd626c7f578f490dec4931e2e61cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"68b-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: WnRQWpRV0aAqIkeWKsSV6E-rOdwBWAg5W2leAgAYDlv77P32A7X4Xg==

GET
H2 200 669426d9-6b3c913950e23a06.js Show response
geminiduplication.com/_next/static/chunks/ 12 KB
5 KB 589ms
587ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/669426d9-6b3c913950e23a06.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 635f122710948dc5cc3e3bc7926b9d82a50cca47ff730956e18b2495ede819b3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"30d6-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Zb3gNwRk03LXXvLIiJs-pHwr-7hPhZCxk3jw7lfVu3IkZbaXyEvLCA==

GET
H2 200 b09111d1-c39a179f68248f7a.js Show response
geminiduplication.com/_next/static/chunks/ 61 KB
21 KB 615ms
614ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/b09111d1-c39a179f68248f7a.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 09bf0aaddb9f8630c858dae4b4ed1b378267aff1b3f61921033c4b0fb52fe528

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"f247-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: mJqNRmfp77OnVY-fxLOBE45BusUnkhhcMF8vhOUiMRtieZgqoj0Wog==

GET
H2 200 3334-df18b2f7ca79540c.js Show response
geminiduplication.com/_next/static/chunks/ 1 MB
399 KB 593ms
591ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/3334-df18b2f7ca79540c.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: b379298c7552e9c63a06bfd94674b57d034c8466e4a30acb38ab48c26e29b4b1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"15bc39-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: aaMh4omZT1CHrI2VwrMcVQ2gX7-a_1tBD35rQBcBsp2xALI3MosFsA==

GET
H2 200 1359-a15150b52f13828a.js Show response
geminiduplication.com/_next/static/chunks/ 210 KB
60 KB 620ms
618ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/1359-a15150b52f13828a.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 0cf1b893866e98213504f09b94f90433a638f7b04d8fe7b8b418b1200062800a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"34620-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: ZXNs10eg_OmhffiXHRPZmHXJK2WtXYIX2_GSTgiOcC0KvRTsLjOl0g==

GET
H2 200 page-a8db6d69b9589183.js Show response
geminiduplication.com/_next/static/chunks/app/public/records/ 9 KB
3 KB 606ms
605ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/app/public/records/page-a8db6d69b9589183.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 83a42f571f1483800d76636302d3bd33013b06d48cf93756232f87ea0b2f06b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"23a3-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 1VyJLamkeiAZxkZSnb4b8sxEZhesypjbMmVxSB9SnKmdzokqUOEEZw==

GET
H2 200 5074-a73325fd1f03c8b0.js Show response
geminiduplication.com/_next/static/chunks/ 46 KB
14 KB 619ms
618ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/5074-a73325fd1f03c8b0.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: effe5c367d6f17e30de2c00ae20b2146e8819b71c344cbd33208f930bf6196ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"b766-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: OXNgyvBBzgV6wlvvd_-OmJo5l0cT5XHjAJ0MVVnirAh48qn3LyUw9Q==

GET
H2 200 5144-b14c54d5c4866500.js Show response
geminiduplication.com/_next/static/chunks/ 15 KB
6 KB 603ms
602ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/5144-b14c54d5c4866500.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 5faeee5122897aeed0c12177b90c82fca877374b4c61fd00f60aa126a2db0302

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"3c56-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Vq2Ju6OMujMpJ3qQO1KcDeCuCFlsAkjGhNmy963Ed2xwfaB_Gp3EYg==

GET
H2 200 layout-0e52be66904c5977.js Show response
geminiduplication.com/_next/static/chunks/app/ 2 KB
1 KB 614ms
612ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/app/layout-0e52be66904c5977.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: f82d7842b86a8fa7984e54e3d3ce119ab0cbaa4c9e0f2ba1aa5fbd88a870f09f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:47 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"6a3-18f8411c078"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: WGxxtcWLDjPbRF5Cqxdkj9mRMkY1A2zTQ6I-UBgIRF4g1E7klWwuoA==

GET
H2 200 initiator.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/ 1 MB
402 KB 111ms
47ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179344384b90279b03fb0f5504d6278b37f66e4b0b62e6ab0e893618275169c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 33360
x-envoy-upstream-service-time: 40
x-xss-protection: 1; mode=block
wfx-request-id: c598c4ba56b3552df9c9069423853b31
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:09Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=0, must-revalidate, no-transform
cf-ray: 8854e5a52f904d70-FRA

GET
H2 200 pa-63af61080d7ce50011001743.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 206ms
152ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-63af61080d7ce50011001743.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bed34908f36642ecb71ef968f5e2d0ae3ec2692fc1d110c7dae9b72c5f0ff55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8854e5a51aa468eb-FRA
expires: Fri, 17 May 2024 16:18:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 42 KB
2 KB 87ms
35ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28626569d3a44aa2d81cb7f5175c4e8f0dc4d5781e53bfcbafbfe13975d77145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 16:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 14:31:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 16:13:49 GMT

GET
H3 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 63ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5618451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18862
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOW1pdHVtCQu82BPwrFh7snikjgW8nKjZ4AkelUpFUUeLtBaxSRlRvtadf4hVLqP6e%2BHKl4BYx3S89a5nAgdg2oomBz5h%2FcoRSjDVsC3opjv3HJnCPwEGp1ad9Rl2Ct92IS4nhWvWQV4IVCBFEbCoBj1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8854e5a4ee01bb7a-FRA
expires: Wed, 07 May 2025 16:13:50 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
25 KB 77ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:58:00 GMT
x-content-type-options: nosniff
age: 288950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 07:58:00 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 107ms
56ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:59:07 GMT
x-content-type-options: nosniff
age: 288883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23620
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 07:59:07 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 97ms
46ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 10:16:39 GMT
x-content-type-options: nosniff
age: 539831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 May 2025 10:16:39 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 116ms
66ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:43:25 GMT
x-content-type-options: nosniff
age: 289825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 07:43:25 GMT

GET
H2 200 image
geminiduplication.com/_next/ 19 KB
19 KB 737ms
737ms Image
image/webp 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiduplication.com/_next/image?url=%2Foranges%2Foranges_top_right.png&w=384&q=75

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-11.fra56.r.cloudfront.net

Software

Resource Hash

1b3462ec2d76bb665e105c8d9b0f0caaff721e563cd14a934071ca050159c00e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
etag: GzRi7C12u2ZeEFyNmw8Mqv9yHlY80UqTQHHKBQFZwA4=
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="oranges_top_right.webp"
content-length: 19260
x-amz-cf-id: v1wuStZUgPgJEVcD8MbX6E3mWRf1RIlP6UT2ds-rM61gCgRAT65MtA==

GET
H2 200 image
geminiduplication.com/_next/ 15 KB
16 KB 765ms
765ms Image
image/webp 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiduplication.com/_next/image?url=%2Foranges%2Foranges_bottom_left.png&w=384&q=75

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-11.fra56.r.cloudfront.net

Software

Resource Hash

bbd9a73f21055a563a4cbf664c096cf57804c0eadbeacecb01f9579eb3ab5967

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:50 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
etag: u9mnPyEFWlY6TL9mTAls9XgEwOrb6s7LAflXnrOrWWc=
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="oranges_bottom_left.webp"
content-length: 15676
x-amz-cf-id: I3SyeXsK1TD4VnmUAsm8yrC6YOUjqFiXCzWa1RdXJwt21SAALtoITQ==

GET
H2 200 initiator_conf_cb.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/ 11 KB
2 KB 42ms
41ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator_conf_cb.js

Requested by

Host: cdn.whatfix.com
URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0139051479d385a9839d32376ab471d47e7b2a855b1eb6432df1531000291d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 33351
x-envoy-upstream-service-time: 25
x-xss-protection: 1; mode=block
wfx-request-id: a94423238c047bc75c7663d01d3f6ce4
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:09Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=0, must-revalidate, no-transform
cf-ray: 8854e5acc89c4d70-FRA

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 192ms
46ms XHR
text/plain 52.49.32.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=63af61080d7ce50011001743&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=16&cE=61&dLE=16&dLS=16&fS=0&hS=37&rE=-1&rS=-1&reS=61&resS=647&resE=786&uEE=-1&uES=-1&dL=652&dI=1251&dCLES=1251&dCLEE=1251&dC=2507&lES=2508&lEE=2508&s=nt&title=&path=https%3A%2F%2Fgeminiduplication.com%2Fpublic%2Frecords&ref=&sId=4cls6gvy&sST=1715962431&sIS=1&rV=0&v=1.4.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.32.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-32-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 17 May 2024 16:13:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 favicon-32x32.png
geminiduplication.com/prodicons/ 1 KB
1 KB 163ms
163ms Other
image/png 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/prodicons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 42078351e7ab6035a350cd1c71ff6741236ec7642bb1f7ae9e4a4809d6b61f2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:51 GMT
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2024 01:01:05 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"4a3-18f84111c68"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1187
x-amz-cf-id: NFsuj0QENQ-5GYquNtNA4mvjK3-Mtvupo2TaA6VWDlr4rHWisyd3ng==

GET
H2 200 embed.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/embed/ 11 KB
5 KB 125ms
76ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/embed/embed.nocache.js

Requested by

Host: cdn.whatfix.com
URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17441c980dd54c10c93d3d59b2815143d0b076655d4bb4c0143571c2e597636b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 33351
x-envoy-upstream-service-time: 23
x-xss-protection: 1; mode=block
wfx-request-id: 7d735a8761a0af9f8c903df6e3a16493
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:09Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5ad78f63834-FRA

GET

/
gemini.legal/
Redirect Chain

https://geminiduplication.com/?_rsc=6dv3b
http://gemini.legal/

0
0

GET
H2 200 C624B0918EBFE4AB82833F56632134FE.cache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/embed/ Frame EEF5 3 MB
1 MB 55ms
55ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/embed/C624B0918EBFE4AB82833F56632134FE.cache.js

Requested by

Host: cdn.whatfix.com
URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/embed/embed.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ad3fca35b5a428d21f7a291c9e7acaaec67faad8454d13df22dcfa6c627e7ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 33350
x-envoy-upstream-service-time: 94
x-xss-protection: 1; mode=block
wfx-request-id: 5c0acb54352109f52663e059a6437266
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:09Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5ae09d73834-FRA

GET
H2 200 customization-engine.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/modules/customization-engine/2.0.3/ Frame EEF5 191 KB
37 KB 186ms
186ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/modules/customization-engine/2.0.3/customization-engine.nocache.js

Requested by

Host:
URL: embed-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

220f4e777eefe6461d2f22ab51b49b46958d8ef5d2e9d8aaccbe80add9e26efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 33
x-xss-protection: 1; mode=block
wfx-request-id: c065df25af918a061462a1b51a5aa5f7
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:08Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5afbbea3834-FRA

GET
H2 200 observer.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/modules/observer/1.0.4/ Frame EEF5 255 KB
62 KB 183ms
183ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/modules/observer/1.0.4/observer.nocache.js

Requested by

Host:
URL: embed-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247edbf1620f779eddad16c684f6debe941856ecdf0ed9decb59dcee7efa291a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 34
x-xss-protection: 1; mode=block
wfx-request-id: e20463e4da7b2ba01df7ac1408306f66
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:08Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5afbbeb3834-FRA

POST
H2 200 embed_exist Show response
whatfix.com/service/ent_id/v2/flow/ 23 B
189 B 162ms
152ms XHR
application/json 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/ent_id/v2/flow/embed_exist

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46efd9db341c389be7acfc59cf118e06bcad38c0741a41eef32abf21553db6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self'
x-envoy-upstream-service-time: 8
x-xss-protection: 1; mode=block
wfx-request-id: 5a9f59bb19023984b1be0027df72b31b
referrer-policy: same-origin
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 8854e5afcc173834-FRA

GET
H2 200 integration.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/integration/ 10 KB
2 KB 187ms
186ms Script
application/x-javascript 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/integration/integration.nocache.js

Requested by

Host:
URL: embed-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db2b1181181fbd4039bbfd427591bad33bb884d6f3ca7d4efd9cad8c06538002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 33
x-xss-protection: 1; mode=block
wfx-request-id: 1af67030723c7c510e0b35a1ea2776eb
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:08Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5afbbf93834-FRA

GET
H2 200 configuration.json Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/ 166 B
266 B 173ms
173ms XHR
application/json 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/configuration.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214e0b1c0beb3ce264be0eee4cf382e8111a2cd419e1491a700133f2a77e3ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 21
x-xss-protection: 1; mode=block
wfx-request-id: 7b6ea863a5559d073f8e14f6d55e01dc
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:09Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-transform
cf-ray: 8854e5afcbfb3834-FRA

GET
H2 200 ent-config Show response
whatfix.com/service/57970d23-1093-486f-83d8-40ec1f7e405f/cconfig/ 478 B
507 B 155ms
147ms XHR
application/json 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/57970d23-1093-486f-83d8-40ec1f7e405f/cconfig/ent-config

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87dbf17883a0eae8eda25c71c658245034c79474f44f94d945f14fb21f048fb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: frame-ancestors 'self'
x-envoy-upstream-service-time: 5
x-xss-protection: 1; mode=block
wfx-request-id: 7e75a302c7a8add3a6a970508d1b6831
referrer-policy: same-origin
last-modified: Fri, 17 May 2024 16:13:52 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 8854e5afcc193834-FRA

GET
H2 200 enterprise.json Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1715882561611/data/ 122 KB
24 KB 206ms
204ms XHR
application/json 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1715882561611/data/enterprise.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa5f208bda5a6cd9e6880b4c09ebe14bea94d8df69bbae7c68cc2e512336e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 24
x-xss-protection: 1; mode=block
wfx-request-id: 8ae74c82acf72a9393fe5c1fbe687ca5
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:08Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5b0ddce3834-FRA

OPTIONS
H2 200 57970d23-1093-486f-83d8-40ec1f7e405f
whatfix.com/service/event/collect/v2/ Frame 0
0 131ms
130ms Preflight 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/event/collect/v2/57970d23-1093-486f-83d8-40ec1f7e405f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,wfx-sent-time
Access-Control-Request-Method: POST
Origin: https://geminiduplication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, wfx-sent-time x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-whatfix-integration-key, x-whatfix-user, x-whatfix-event-sink
access-control-allow-methods: POST POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
cf-ray: 8854e5b23fa33834-FRA
content-length: 0
date: Fri, 17 May 2024 16:13:52 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block

POST
H2 200 57970d23-1093-486f-83d8-40ec1f7e405f Show response
whatfix.com/service/event/collect/v2/ 0
54 B 132ms
131ms XHR
text/plain 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/event/collect/v2/57970d23-1093-486f-83d8-40ec1f7e405f

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://geminiduplication.com/
wfx-sent-time: 1715962432342
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 1
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
cache-control: no-cache,no-store
cf-ray: 8854e5b308db3834-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-whatfix-integration-key, x-whatfix-user, x-whatfix-event-sink

GET
H2 200 user_actions.json Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1715882561611/data/user_action/ 184 KB
20 KB 179ms
179ms XHR
application/json 2606:4700:4400::ac40:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1715882561611/data/user_action/user_actions.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f58049025741b8badf285e474f46084bfd0616f5e3721b7e3ef2e2dd0c60ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 17 May 2024 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 31
x-xss-protection: 1; mode=block
wfx-request-id: 60f1baf591f3aa86b3a3d3e12b924e7c
referrer-policy: same-origin
last-modified: 2024-05-16T18:04:09Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 8854e5b24fb73834-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gemini.legal
URL: http://gemini.legal/

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.geminiduplication.com/	1970-01-20 23:03:22	Name: wfx_unq Value: twL7NyfxnPmXmphG

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js(Line 3) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	URL: https://geminiduplication.com/public/records Message: Mixed Content: The page at 'https://geminiduplication.com/public/records' was loaded over HTTPS, but requested an insecure resource 'http://gemini.legal/'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1715882561611/modules/observer/1.0.4/observer.nocache.js(Line 105) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.whatfix.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gemini.legal
geminiduplication.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
whatfix.com
gemini.legal
2606:4700:10::6816:3768
2606:4700:4400::ac40:9542
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:806::200a
3.161.82.11
52.49.32.11
0139051479d385a9839d32376ab471d47e7b2a855b1eb6432df1531000291d61
09bf0aaddb9f8630c858dae4b4ed1b378267aff1b3f61921033c4b0fb52fe528
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0cf1b893866e98213504f09b94f90433a638f7b04d8fe7b8b418b1200062800a
17441c980dd54c10c93d3d59b2815143d0b076655d4bb4c0143571c2e597636b
179344384b90279b03fb0f5504d6278b37f66e4b0b62e6ab0e893618275169c0
19506ea4d99105ebfaf04a56d20a792ba35ef0432911e520039de8fe4201aa58
1b3462ec2d76bb665e105c8d9b0f0caaff721e563cd14a934071ca050159c00e
214e0b1c0beb3ce264be0eee4cf382e8111a2cd419e1491a700133f2a77e3ea4
220f4e777eefe6461d2f22ab51b49b46958d8ef5d2e9d8aaccbe80add9e26efa
247edbf1620f779eddad16c684f6debe941856ecdf0ed9decb59dcee7efa291a
28626569d3a44aa2d81cb7f5175c4e8f0dc4d5781e53bfcbafbfe13975d77145
2f58049025741b8badf285e474f46084bfd0616f5e3721b7e3ef2e2dd0c60ab9
42078351e7ab6035a350cd1c71ff6741236ec7642bb1f7ae9e4a4809d6b61f2e
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
4ad3fca35b5a428d21f7a291c9e7acaaec67faad8454d13df22dcfa6c627e7ee
50d2eaf7c35c3efed97c7096765a49a553910a72028aabdb2b80a53bfef92ac5
53cdad1addd2fde5ef69d7079d02ae5272d943c43d2157d7aa73962adad0a4de
5faeee5122897aeed0c12177b90c82fca877374b4c61fd00f60aa126a2db0302
635f122710948dc5cc3e3bc7926b9d82a50cca47ff730956e18b2495ede819b3
7bed34908f36642ecb71ef968f5e2d0ae3ec2692fc1d110c7dae9b72c5f0ff55
83a42f571f1483800d76636302d3bd33013b06d48cf93756232f87ea0b2f06b2
87dbf17883a0eae8eda25c71c658245034c79474f44f94d945f14fb21f048fb3
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8fa5f208bda5a6cd9e6880b4c09ebe14bea94d8df69bbae7c68cc2e512336e0f
91529ee91dbe568411aafddd6ad85b6970c0d3972206ca205268193b97257978
928ad76603d098aa510d4f476704a3b9e16723e1c64f6b88e4b2295ac1c7fb72
aca8d2e755dde9c178e932d2b2f3c1f981cdf5e2102cd083897c006b8975a3fe
b379298c7552e9c63a06bfd94674b57d034c8466e4a30acb38ab48c26e29b4b1
b3b2f09805971b4e179a3442e5f05a08b1d518457cc7b1798a53611cfb0c5f68
bbd9a73f21055a563a4cbf664c096cf57804c0eadbeacecb01f9579eb3ab5967
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
c669974fb82e0c138826c9c0e871ba31abdc8d774988cf276a552a9d944b1131
d43d40b49ca923a9777720b9bed758a6c0418d30fad059f3d30bd1d6e5fd5064
daef2a18f219581093c5daa9291622f063fbd626c7f578f490dec4931e2e61cf
db2b1181181fbd4039bbfd427591bad33bb884d6f3ca7d4efd9cad8c06538002
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
effe5c367d6f17e30de2c00ae20b2146e8819b71c344cbd33208f930bf6196ff
f46efd9db341c389be7acfc59cf118e06bcad38c0741a41eef32abf21553db6e
f82d7842b86a8fa7984e54e3d3ce119ab0cbaa4c9e0f2ba1aa5fbd88a870f09f
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347

geminiduplication.com Open in urlscan Pro 3.161.82.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

71 %IPv6

7 Domains

9 Subdomains

8 IPs

3 Countries

2547 kBTransfer

7733 kBSize

1 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

geminiduplication.com Open in urlscan Pro
3.161.82.11 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

71 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

2547 kB
Transfer

7733 kB
Size

1
Cookies

44 HTTP transactions
0 data transactions