geminiduplication.com Open in urlscan Pro
3.161.82.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://geminiduplication.com/public/records
Submission: On May 03 via manual (May 3rd 2024, 7:29:38 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 44 HTTP transactions. The main IP is 3.161.82.11, located in United States and belongs to AMAZON-02, US. The main domain is geminiduplication.com.
TLS certificate: Issued by R3 on May 1st 2024. Valid for: 3 months.

This is the only time geminiduplication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	3.161.82.11 3.161.82.11	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:440... 2606:4700:4400::6812:26be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	52.30.10.51 52.30.10.51	16509 (AMAZON-02) (AMAZON-02)
44	8

21 3.161.82.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-11.fra56.r.cloudfront.net

geminiduplication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::6812:26be (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.whatfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whatfix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.10.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-10-51.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	geminiduplication.com geminiduplication.com	660 KB
14	whatfix.com cdn.whatfix.com — Cisco Umbrella Rank: 8624 whatfix.com — Cisco Umbrella Rank: 7219	2 MB
4	gstatic.com fonts.gstatic.com	95 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6508 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5812	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
0	gemini.legal Failed gemini.legal Failed
44	7

	Domain	Requested by
21	geminiduplication.com	geminiduplication.com
10	cdn.whatfix.com	geminiduplication.com cdn.whatfix.com cdnjs.cloudflare.com
4	whatfix.com	cdnjs.cloudflare.com
4	fonts.gstatic.com	fonts.googleapis.com
1	rum-collector-2.pingdom.net	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	geminiduplication.com
1	fonts.googleapis.com	geminiduplication.com
1	rum-static.pingdom.net	geminiduplication.com
0	gemini.legal Failed
44	9

This site contains links to these domains. Also see Links.

Domain
form.asana.com

Subject Issuer	Validity	Valid
geminiduplication.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.whatfix.com Go Daddy Secure Certificate Authority - G2	`2023-10-30` - `2024-11-16`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2023-10-14` - `2024-10-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://geminiduplication.com/public/records
Frame ID: 253B887920FC669E1F396C36BD39D15B
Requests: 40 HTTP requests in this frame

Frame: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/embed/57F0B050E48C0E2364369AE246593C19.cache.js
Frame ID: 64561F3C102342DB3BDF90495DCDE67D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Page Statistics

44
Requests

98 %
HTTPS

57 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

2500 kB
Transfer

7534 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://form.asana.com/?k=_3caL13S49J0rIOEKavocA&d=30126573295575
Title: click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://geminiduplication.com/?_rsc=6dv3b HTTP 0
http://gemini.legal/

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request records Show response
geminiduplication.com/public/ 97 KB
19 KB 641ms
599ms Document
text/html 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: / Next.js
Resource Hash: ac35b05031d1eb94dacb2ef370aaf40d770fdf63cdc800f0c61dc2cd6f9fc4b4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: s-maxage=31536000, stale-while-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 19:29:32 GMT
etag: "jlkvuvto7x24kc"
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
x-amz-cf-id: Y1edA8gCft5z_VB7IxVZ87jrTHPe99_MI_y6--hyyFl9JwKqtCyeCw==
x-amz-cf-pop: FRA56-P10
x-cache: Miss from cloudfront
x-nextjs-cache: HIT
x-powered-by: Next.js

GET
H2 200 image
geminiduplication.com/_next/ 4 KB
4 KB 578ms
577ms Image
image/webp 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiduplication.com/_next/image?url=%2Fsml%2Fsml_gemini_logo_white.png&w=256&q=75

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-11.fra56.r.cloudfront.net

Software

Resource Hash

b3b2f09805971b4e179a3442e5f05a08b1d518457cc7b1798a53611cfb0c5f68

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
etag: s7LwmAWXG04XmjRC5fBaCLHVGEV8x7F5ilNhHPsMX2g=
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="sml_gemini_logo_white.webp"
content-length: 3730
x-amz-cf-id: nOmyWoTEzHhFPlxiWkTKXCXEKhOW8xp8tYqDWgzaUOojmPEHyItFXw==

GET
H2 200 0d19ee271e0bb8c9.css
geminiduplication.com/_next/static/css/ 5 KB
2 KB 568ms
567ms Stylesheet
text/css 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/css/0d19ee271e0bb8c9.css
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 19506ea4d99105ebfaf04a56d20a792ba35ef0432911e520039de8fe4201aa58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"122b-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Sgop0CSUX9auqylyLAdSZbnkc2kIYRWyZCrAVMI7bdxAQLDEFU6FRA==

GET
H2 200 webpack-e789db56ff17d520.js Show response
geminiduplication.com/_next/static/chunks/ 4 KB
2 KB 580ms
572ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/webpack-e789db56ff17d520.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 53cdad1addd2fde5ef69d7079d02ae5272d943c43d2157d7aa73962adad0a4de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"e99-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: qItku9hcYGwYfmCWzQwPKUTsQyCynzoZNrtPPztOrdqOWC45V-jbYw==

GET
H2 200 1dd3208c-e4f40ce617642a66.js Show response
geminiduplication.com/_next/static/chunks/ 169 KB
53 KB 583ms
574ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/1dd3208c-e4f40ce617642a66.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 928ad76603d098aa510d4f476704a3b9e16723e1c64f6b88e4b2295ac1c7fb72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"2a320-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: eyjXM07GJB8GLxhh35B8wbGYdZQmEILi05zhC4U9XqQzg06_cad6dg==

GET
H2 200 286-cb6fcebb98a9ec28.js Show response
geminiduplication.com/_next/static/chunks/ 119 KB
31 KB 582ms
573ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/286-cb6fcebb98a9ec28.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 91529ee91dbe568411aafddd6ad85b6970c0d3972206ca205268193b97257978

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"1dcfe-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: IONX-NuU5G4ZFYmCYxWsLAAopPuEA0NwZvGWqwaezuaKbqVL4BKhiw==

GET
H2 200 main-app-708dc0a5cdc924e1.js Show response
geminiduplication.com/_next/static/chunks/ 473 B
841 B 582ms
573ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/main-app-708dc0a5cdc924e1.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 9e12567a08e9e67f7c36fdc6475d368d8a56adbcf0df6e4154ced2ec75534ebd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"1d9-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 473
x-amz-cf-id: GPWFsqznfAbX-W-2xQcYi6pffQG1QxVwUDr4lmkb82xeuM_8i-vC7A==

GET
H2 200 77122cfd-d70b8815f2ba7566.js Show response
geminiduplication.com/_next/static/chunks/ 632 B
1000 B 578ms
569ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/77122cfd-d70b8815f2ba7566.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: d43d40b49ca923a9777720b9bed758a6c0418d30fad059f3d30bd1d6e5fd5064

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"278-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 632
x-amz-cf-id: 0RQd18gtZCrxsYB5oDYizRabqIsdDDeGdRxY23yIb-i6wQbyIYVrEA==

GET
H2 200 5a80076f-59ef3f6b45fbfb44.js Show response
geminiduplication.com/_next/static/chunks/ 3 KB
2 KB 588ms
580ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/5a80076f-59ef3f6b45fbfb44.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: aca8d2e755dde9c178e932d2b2f3c1f981cdf5e2102cd083897c006b8975a3fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"af5-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: MEVaqFYHmnXaB0MCu6Gs0uriL53yQZKdx13i0y_wxXRanCfgXUMW_w==

GET
H2 200 864d5303-cb3e1ffc0708303a.js Show response
geminiduplication.com/_next/static/chunks/ 2 KB
1 KB 584ms
576ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/864d5303-cb3e1ffc0708303a.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: daef2a18f219581093c5daa9291622f063fbd626c7f578f490dec4931e2e61cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"68b-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: qPy269XrspDgF4f6Q0b3_BhvQDeDl5Ed8A90KwTt_WCAFl_aZZuUDA==

GET
H2 200 669426d9-6b3c913950e23a06.js Show response
geminiduplication.com/_next/static/chunks/ 12 KB
5 KB 590ms
583ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/669426d9-6b3c913950e23a06.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 635f122710948dc5cc3e3bc7926b9d82a50cca47ff730956e18b2495ede819b3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"30d6-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: V1OwPvDbKpFO9PXM5f5OBP8ZprH-xkLINX1kkhOUzsc0nnkdum-Fqg==

GET
H2 200 b09111d1-5868d5018b7da176.js Show response
geminiduplication.com/_next/static/chunks/ 61 KB
21 KB 584ms
577ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/b09111d1-5868d5018b7da176.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 9a58b3bf324babce4aab9d46e75ed1765453154b74678fc1ab798b26bd50327d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"f227-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: RDxdnN_iKcnal5sMjN7nknQ8kcar2YOWfSsh-i1R8CcfqBbYfHCdkw==

GET
H2 200 3334-df18b2f7ca79540c.js Show response
geminiduplication.com/_next/static/chunks/ 1 MB
399 KB 590ms
584ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/3334-df18b2f7ca79540c.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: b379298c7552e9c63a06bfd94674b57d034c8466e4a30acb38ab48c26e29b4b1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"15bc39-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: EYIRlF4nJ3UFW4PF0CmSG9LtywaOy3d4YF8fNPyLHsc8f_3pl5cjWw==

GET
H2 200 1211-72103addfd6c4c4d.js Show response
geminiduplication.com/_next/static/chunks/ 207 KB
59 KB 596ms
589ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/1211-72103addfd6c4c4d.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: ea5787ab8347bb89d92098e42db9a459d715e8aa156659327479659ed2679fee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"33be3-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: fSNl8S_ZKwk2MjAwuw5fRWXFUnx2zSysTShW2Fab4ApworpBhgo9cw==

GET
H2 200 page-d80a8e98cc87a506.js Show response
geminiduplication.com/_next/static/chunks/app/public/records/ 9 KB
3 KB 622ms
616ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/app/public/records/page-d80a8e98cc87a506.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: e600c0b097a1f6d5e0c87b0b185cd5ee1948f22211f87c95864e953e921f8d13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"23a3-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: u96JyS_SlozVijY2xnKbt8PBNk5O826Y98aZNE6d-hl0u44gO1unxQ==

GET
H2 200 5074-500bb1f31d8b5a24.js Show response
geminiduplication.com/_next/static/chunks/ 46 KB
14 KB 587ms
581ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/5074-500bb1f31d8b5a24.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: dfe57d90f86546cab76c2fa69d45d0e7d1a6a9b66404d8c937b64349affad682

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"b766-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: JOr0dOOZAps9KGxzg8fADiXOiNerI9YRJxS8xHbOZl5_zL_3I5QjHw==

GET
H2 200 5144-b14c54d5c4866500.js Show response
geminiduplication.com/_next/static/chunks/ 15 KB
6 KB 598ms
592ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/5144-b14c54d5c4866500.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 5faeee5122897aeed0c12177b90c82fca877374b4c61fd00f60aa126a2db0302

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"3c56-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: H8XmHUkkWtWvOodMOQShTUgiB8UOEtDiBt302eyoEwtIvGbmbOn9TA==

GET
H2 200 layout-0a16a25a19f88e77.js Show response
geminiduplication.com/_next/static/chunks/app/ 2 KB
1 KB 588ms
583ms Script
application/javascript 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/_next/static/chunks/app/layout-0a16a25a19f88e77.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 41f561568c5245100c736df789919088cacc3da29cd93ac98d13d40211d2e609

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:51 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"6a3-18f3bf8c818"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: Ynas4cLMSemuOdXoTcnjsV8R7xTu3jL5xDTkUOE9xnGH7LSmVXXHQw==

GET
H2 200 initiator.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/ 1 MB
401 KB 245ms
203ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5434d2fa29cb891f533283ce3f29704865ae434c74d2340c78521cb61631bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
wfx-request-id: bf8613f29986f7574e3d082d807300e3
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:50Z
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=0, must-revalidate, no-transform
x-envoy-upstream-service-time: 42
cf-ray: 87e2a916fd8c9bdc-FRA
x-xss-protection: 1; mode=block

GET
H2 200 pa-63af61080d7ce50011001743.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 190ms
148ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-63af61080d7ce50011001743.js
Requested by: Host: geminiduplication.com
URL: https://geminiduplication.com/public/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bed34908f36642ecb71ef968f5e2d0ae3ec2692fc1d110c7dae9b72c5f0ff55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 87e2a9170dc1913a-FRA
expires: Fri, 03 May 2024 19:34:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 42 KB
2 KB 59ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28626569d3a44aa2d81cb7f5175c4e8f0dc4d5781e53bfcbafbfe13975d77145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 19:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 18:31:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 19:29:32 GMT

GET
H3 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 54ms
35ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4420594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18862
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FV3KwRfhzsxMJWB6RZCZtpX3nK3YbhXdnQB%2BzPU8bZ3NdfcTSynceN4KlvLNLL2knK%2F6BfWFe8ZDaQcmH7x44E5djOJ40lUQ7b4BO9wV6X9wnJGHjEPpqnjVs9DErthF9L52S6rW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87e2a916ddb25d7f-FRA
expires: Wed, 23 Apr 2025 19:29:33 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
25 KB 58ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:57:58 GMT
x-content-type-options: nosniff
age: 300695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24964
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:57:58 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 43ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:59:05 GMT
x-content-type-options: nosniff
age: 300628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23620
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:59:05 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 60ms
28ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:16:38 GMT
x-content-type-options: nosniff
age: 551575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 10:16:38 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 64ms
32ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:43:25 GMT
x-content-type-options: nosniff
age: 301568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:43:25 GMT

GET
H2 200 image
geminiduplication.com/_next/ 19 KB
19 KB 719ms
718ms Image
image/webp 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiduplication.com/_next/image?url=%2Foranges%2Foranges_top_right.png&w=384&q=75

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-11.fra56.r.cloudfront.net

Software

Resource Hash

1b3462ec2d76bb665e105c8d9b0f0caaff721e563cd14a934071ca050159c00e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
etag: GzRi7C12u2ZeEFyNmw8Mqv9yHlY80UqTQHHKBQFZwA4=
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="oranges_top_right.webp"
content-length: 19260
x-amz-cf-id: ILejw3Zgk4HayW_H6z_JuHpeya3BOBfA34UoE9Ik7mici0jqK68N6A==

GET
H2 200 image
geminiduplication.com/_next/ 15 KB
16 KB 746ms
746ms Image
image/webp 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geminiduplication.com/_next/image?url=%2Foranges%2Foranges_bottom_left.png&w=384&q=75

Requested by

Host: geminiduplication.com
URL: https://geminiduplication.com/public/records

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-11.fra56.r.cloudfront.net

Software

Resource Hash

bbd9a73f21055a563a4cbf664c096cf57804c0eadbeacecb01f9579eb3ab5967

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:33 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
etag: u9mnPyEFWlY6TL9mTAls9XgEwOrb6s7LAflXnrOrWWc=
vary: Accept
x-cache: Miss from cloudfront
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="oranges_bottom_left.webp"
content-length: 15676
x-amz-cf-id: SlaswrNz8NlYciU6Apa9VNwKqODZIQN7CUA9Y3ACyIvanZklAL-Geg==

GET
H2 200 initiator_conf_cb.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/ 10 KB
2 KB 168ms
168ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator_conf_cb.js

Requested by

Host: cdn.whatfix.com
URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274a29a52cdc8da657bb2ba9294bf605c9b92adae07c07130c0f0aca4b39ce3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
wfx-request-id: 14226bc628840d8c87e9e63ded8076a6
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:50Z
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
cache-control: max-age=0, must-revalidate, no-transform
x-envoy-upstream-service-time: 18
cf-ray: 87e2a91f19019bdc-FRA
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 135ms
30ms XHR
text/plain 52.30.10.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=63af61080d7ce50011001743&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=16&cE=42&dLE=16&dLS=16&fS=0&hS=24&rE=-1&rS=-1&reS=42&resS=642&resE=786&uEE=-1&uES=-1&dL=645&dI=1377&dCLES=1377&dCLEE=1377&dC=2680&lES=2680&lEE=2681&s=nt&title=&path=https%3A%2F%2Fgeminiduplication.com%2Fpublic%2Frecords&ref=&sId=3x3qnj7k&sST=1714764574&sIS=1&rV=0&v=1.4.1
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.10.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-10-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 03 May 2024 19:29:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 favicon-32x32.png
geminiduplication.com/prodicons/ 1 KB
1 KB 149ms
148ms Other
image/png 3.161.82.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geminiduplication.com/prodicons/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-11.fra56.r.cloudfront.net
Software: /
Resource Hash: 42078351e7ab6035a350cd1c71ff6741236ec7642bb1f7ae9e4a4809d6b61f2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/public/records
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:34 GMT
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 01:01:11 GMT
x-amz-cf-pop: FRA56-P10
etag: W/"4a3-18f3bf82bd8"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1187
x-amz-cf-id: XUvgogF0ISCZywONBoUjiuA7KFMZptG_XpgWn1Ke8oncDUCQyQeGuw==

GET

/
gemini.legal/
Redirect Chain

https://geminiduplication.com/?_rsc=6dv3b
http://gemini.legal/

0
0

GET
H2 200 embed.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/embed/ 10 KB
5 KB 201ms
179ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/embed/embed.nocache.js

Requested by

Host: cdn.whatfix.com
URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

136f3305f71c2d0784c646bffe8065798fbc3ccaa57a153944b084f5485f2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 22
x-xss-protection: 1; mode=block
wfx-request-id: b98771cc29609b9bc7c3b9b9f4f18b29
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:49Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a9205fab9746-FRA

GET
H2 200 57F0B050E48C0E2364369AE246593C19.cache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/embed/ Frame 6456 3 MB
1 MB 46ms
45ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/embed/57F0B050E48C0E2364369AE246593C19.cache.js

Requested by

Host: cdn.whatfix.com
URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/embed/embed.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68224ca57209ed9dc365cb29b1a0eb793b88c4d16c696d28b472a3809aa087d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 325391
x-envoy-upstream-service-time: 73
x-xss-protection: 1; mode=block
wfx-request-id: 84fb9a445c8927fbdb7f1425e11317b2
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:49Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a921faa29746-FRA

GET
H2 200 customization-engine.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/modules/customization-engine/1.0.4/ Frame 6456 41 KB
9 KB 225ms
225ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/modules/customization-engine/1.0.4/customization-engine.nocache.js

Requested by

Host:
URL: embed-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

181eb8cfa59ee4601f6fdef889cc88f9877df382224b650f4eb4415dcd3d06f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 71
x-xss-protection: 1; mode=block
wfx-request-id: f2f2ee24fe72e7273a66664cccb0f23b
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:48Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a923edf09746-FRA

GET
H2 200 observer.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/modules/observer/1.0.3/ Frame 6456 254 KB
62 KB 356ms
356ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/modules/observer/1.0.3/observer.nocache.js

Requested by

Host:
URL: embed-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a4d58cd19078778abc6360d70e9d3ab9a6bac87b2d5b9a0b925418fa1003f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 22
x-xss-protection: 1; mode=block
wfx-request-id: 5b38ca0d6c8c5b3ffdb23ebba3946b56
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:50Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a923edf29746-FRA

POST
H2 200 embed_exist Show response
whatfix.com/service/ent_id/v2/flow/ 23 B
189 B 171ms
161ms XHR
application/json 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/ent_id/v2/flow/embed_exist

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46efd9db341c389be7acfc59cf118e06bcad38c0741a41eef32abf21553db6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self'
x-envoy-upstream-service-time: 8
x-xss-protection: 1; mode=block
wfx-request-id: f21f590cd0f7bc9d62b9818ce3bc10af
referrer-policy: same-origin
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 87e2a9240e419746-FRA

GET
H2 200 integration.nocache.js Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/integration/ 9 KB
2 KB 361ms
361ms Script
application/x-javascript 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/integration/integration.nocache.js

Requested by

Host:
URL: embed-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d65274facdae8cb4c9d199b66e4ccc7aaf4a41f3393d25610db2bc0f12f5bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://geminiduplication.com/
Origin: https://geminiduplication.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 21
x-xss-protection: 1; mode=block
wfx-request-id: a1d7ead39e42ae5ae676c466506415f8
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:48Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a9240e269746-FRA

GET
H2 200 configuration.json Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/ 166 B
266 B 257ms
257ms XHR
application/json 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/configuration.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c92025c444da02331366a301ab5e632b0619e2193f6d8524f74c8e5b472b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 20
x-xss-protection: 1; mode=block
wfx-request-id: fc5c265aa8db473cdc9ef18c30983e37
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:49Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-transform
cf-ray: 87e2a9240e389746-FRA

GET
H2 200 ent-config Show response
whatfix.com/service/57970d23-1093-486f-83d8-40ec1f7e405f/cconfig/ 478 B
478 B 166ms
158ms XHR
application/json 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/57970d23-1093-486f-83d8-40ec1f7e405f/cconfig/ent-config

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87dbf17883a0eae8eda25c71c658245034c79474f44f94d945f14fb21f048fb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: frame-ancestors 'self'
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block
wfx-request-id: 696f0df0096d02932f889d94ca919494
referrer-policy: same-origin
last-modified: Fri, 03 May 2024 19:29:35 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 87e2a9240e449746-FRA

GET
H2 200 enterprise.json Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1714076804023/data/ 118 KB
24 KB 184ms
183ms XHR
application/json 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1714076804023/data/enterprise.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878415bf972acc45c7ab04b6c84d33c90f43739f22e4e6ff1df5892536fdba58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-envoy-upstream-service-time: 22
x-xss-protection: 1; mode=block
wfx-request-id: 386eca8947af0f7245a2af8a0d290548
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:50Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a925a8eb9746-FRA

OPTIONS
H2 200 57970d23-1093-486f-83d8-40ec1f7e405f
whatfix.com/service/event/collect/v2/ Frame 0
0 131ms
130ms Preflight 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/event/collect/v2/57970d23-1093-486f-83d8-40ec1f7e405f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,wfx-sent-time
Access-Control-Request-Method: POST
Origin: https://geminiduplication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, wfx-sent-time x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-whatfix-integration-key, x-whatfix-user, x-whatfix-event-sink
access-control-allow-methods: POST POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache,no-store
cf-cache-status: DYNAMIC
cf-ray: 87e2a926eb039746-FRA
content-length: 0
date: Fri, 03 May 2024 19:29:35 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block

POST
H2 200 57970d23-1093-486f-83d8-40ec1f7e405f Show response
whatfix.com/service/event/collect/v2/ 0
71 B 123ms
123ms XHR
text/plain 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfix.com/service/event/collect/v2/57970d23-1093-486f-83d8-40ec1f7e405f

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://geminiduplication.com/
wfx-sent-time: 1714764575818
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:29:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 1
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
cache-control: no-cache,no-store
cf-ray: 87e2a927bc779746-FRA
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-whatfix-integration-key, x-whatfix-user, x-whatfix-event-sink

GET
H2 200 user_actions.json Show response
cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1714076804023/data/user_action/ 184 KB
20 KB 52ms
52ms XHR
application/json 2606:4700:4400::6812:26be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/content/1714076804023/data/user_action/user_actions.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26be , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f58049025741b8badf285e474f46084bfd0616f5e3721b7e3ef2e2dd0c60ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://geminiduplication.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 03 May 2024 19:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 262371
x-envoy-upstream-service-time: 21
x-xss-protection: 1; mode=block
wfx-request-id: 0e171a33c8320040a1391572fbee808c
referrer-policy: same-origin
last-modified: 2024-04-25T20:27:50Z
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, immutable, no-transform
cf-ray: 87e2a9270b509746-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gemini.legal
URL: http://gemini.legal/

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.geminiduplication.com/	1970-01-20 22:43:24	Name: wfx_unq Value: SSIt5fqhTgF082GK

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/initiator/initiator.nocache.js(Line 3) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	URL: https://geminiduplication.com/public/records Message: Mixed Content: The page at 'https://geminiduplication.com/public/records' was loaded over HTTPS, but requested an insecure resource 'http://gemini.legal/'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://cdn.whatfix.com/prod/57970d23-1093-486f-83d8-40ec1f7e405f/1714076804023/modules/observer/1.0.3/observer.nocache.js(Line 69) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.whatfix.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gemini.legal
geminiduplication.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
whatfix.com
gemini.legal
104.17.25.14
2606:4700:10::6816:3668
2606:4700:4400::6812:26be
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
3.161.82.11
52.30.10.51
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
136f3305f71c2d0784c646bffe8065798fbc3ccaa57a153944b084f5485f2c3e
181eb8cfa59ee4601f6fdef889cc88f9877df382224b650f4eb4415dcd3d06f7
19506ea4d99105ebfaf04a56d20a792ba35ef0432911e520039de8fe4201aa58
1b3462ec2d76bb665e105c8d9b0f0caaff721e563cd14a934071ca050159c00e
274a29a52cdc8da657bb2ba9294bf605c9b92adae07c07130c0f0aca4b39ce3f
28626569d3a44aa2d81cb7f5175c4e8f0dc4d5781e53bfcbafbfe13975d77145
2f58049025741b8badf285e474f46084bfd0616f5e3721b7e3ef2e2dd0c60ab9
41f561568c5245100c736df789919088cacc3da29cd93ac98d13d40211d2e609
42078351e7ab6035a350cd1c71ff6741236ec7642bb1f7ae9e4a4809d6b61f2e
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
53cdad1addd2fde5ef69d7079d02ae5272d943c43d2157d7aa73962adad0a4de
5faeee5122897aeed0c12177b90c82fca877374b4c61fd00f60aa126a2db0302
635f122710948dc5cc3e3bc7926b9d82a50cca47ff730956e18b2495ede819b3
68224ca57209ed9dc365cb29b1a0eb793b88c4d16c696d28b472a3809aa087d1
7a4d58cd19078778abc6360d70e9d3ab9a6bac87b2d5b9a0b925418fa1003f7d
7bed34908f36642ecb71ef968f5e2d0ae3ec2692fc1d110c7dae9b72c5f0ff55
7d65274facdae8cb4c9d199b66e4ccc7aaf4a41f3393d25610db2bc0f12f5bee
878415bf972acc45c7ab04b6c84d33c90f43739f22e4e6ff1df5892536fdba58
87dbf17883a0eae8eda25c71c658245034c79474f44f94d945f14fb21f048fb3
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
91529ee91dbe568411aafddd6ad85b6970c0d3972206ca205268193b97257978
928ad76603d098aa510d4f476704a3b9e16723e1c64f6b88e4b2295ac1c7fb72
9a58b3bf324babce4aab9d46e75ed1765453154b74678fc1ab798b26bd50327d
9e12567a08e9e67f7c36fdc6475d368d8a56adbcf0df6e4154ced2ec75534ebd
a5434d2fa29cb891f533283ce3f29704865ae434c74d2340c78521cb61631bce
ac35b05031d1eb94dacb2ef370aaf40d770fdf63cdc800f0c61dc2cd6f9fc4b4
aca8d2e755dde9c178e932d2b2f3c1f981cdf5e2102cd083897c006b8975a3fe
b379298c7552e9c63a06bfd94674b57d034c8466e4a30acb38ab48c26e29b4b1
b3b2f09805971b4e179a3442e5f05a08b1d518457cc7b1798a53611cfb0c5f68
bbd9a73f21055a563a4cbf664c096cf57804c0eadbeacecb01f9579eb3ab5967
c1c92025c444da02331366a301ab5e632b0619e2193f6d8524f74c8e5b472b49
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
d43d40b49ca923a9777720b9bed758a6c0418d30fad059f3d30bd1d6e5fd5064
daef2a18f219581093c5daa9291622f063fbd626c7f578f490dec4931e2e61cf
dfe57d90f86546cab76c2fa69d45d0e7d1a6a9b66404d8c937b64349affad682
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e600c0b097a1f6d5e0c87b0b185cd5ee1948f22211f87c95864e953e921f8d13
ea5787ab8347bb89d92098e42db9a459d715e8aa156659327479659ed2679fee
f46efd9db341c389be7acfc59cf118e06bcad38c0741a41eef32abf21553db6e
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347

geminiduplication.com Open in urlscan Pro 3.161.82.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

57 %IPv6

7 Domains

9 Subdomains

8 IPs

4 Countries

2500 kBTransfer

7534 kBSize

1 Cookies

1 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

geminiduplication.com Open in urlscan Pro
3.161.82.11 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

57 %
IPv6

7
Domains

9
Subdomains

8
IPs

4
Countries

2500 kB
Transfer

7534 kB
Size

1
Cookies

44 HTTP transactions
0 data transactions