gcxiu.com Open in urlscan Pro
154.91.176.218 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gcxiu.com/login.jsp
Submission: On October 01 via api (October 1st 2024, 8:14:38 am UTC) from US — Scanned from JP

Summary HTTP 172 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 21 domains to perform 172 HTTP transactions. The main IP is 154.91.176.218, located in Hong Kong, Hong Kong and belongs to AROSS-AS, US. The main domain is gcxiu.com.
TLS certificate: Issued by R11 on September 30th 2024. Valid for: 3 months.

This is the only time gcxiu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au Jibun Bank (Financial)

Domain & IP information

	IP Address	AS Autonomous System
23	154.91.176.218 154.91.176.218	400619 (AROSS-AS) (AROSS-AS)
2	13.251.181.147 13.251.181.147	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26a... 2600:9000:26a7:5200:10:3572:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.164.110.102 3.164.110.102	16509 (AMAZON-02) (AMAZON-02)
13	2404:6800:400... 2404:6800:4004:826::2008	15169 (GOOGLE) (GOOGLE)
1	182.22.28.252 182.22.28.252	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
9	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20e... 2600:9000:20e4:1a00:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.62.185.138 23.62.185.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.40.192.29 23.40.192.29	16625 (AKAMAI-AS) (AKAMAI-AS)
4	157.240.31.5 157.240.31.5	32934 (FACEBOOK) (FACEBOOK)
1	13.225.183.44 13.225.183.44	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:208... 2600:9000:208e:dc00:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	118.215.185.125 118.215.185.125	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
4	182.22.30.220 182.22.30.220	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
5	124.83.185.124 124.83.185.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
2	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
2	52.198.29.63 52.198.29.63	16509 (AMAZON-02) (AMAZON-02)
2	2600:140b:1a0... 2600:140b:1a00:7a6::322	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 22	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:81f::2002	15169 (GOOGLE) (GOOGLE)
13	142.250.206.194 142.250.206.194	15169 (GOOGLE) (GOOGLE)
1	3.114.202.197 3.114.202.197	16509 (AMAZON-02) (AMAZON-02)
1	54.65.163.228 54.65.163.228	16509 (AMAZON-02) (AMAZON-02)
6 22	172.217.25.164 172.217.25.164	15169 (GOOGLE) (GOOGLE)
22	142.251.42.163 142.251.42.163	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	142.250.76.136 142.250.76.136	15169 (GOOGLE) (GOOGLE)
3 6	142.250.76.130 142.250.76.130	15169 (GOOGLE) (GOOGLE)
4	157.240.31.35 157.240.31.35	32934 (FACEBOOK) (FACEBOOK)
172	32

23 154.91.176.218 (Hong Kong, Hong Kong)

ASN400619 (AROSS-AS, US)

gcxiu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.181.147 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a7:5200:10:3572:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.110.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-110-102.nrt12.r.cloudfront.net

p.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:826::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.28.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e4:1a00:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.185.138 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-185-138.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.192.29 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-29.deploy.static.akamaitechnologies.com

cdn.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.183.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-44.nrt57.r.cloudfront.net

tk.csolution.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:208e:dc00:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

trj.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.215.185.125 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a118-215-185-125.deploy.static.akamaitechnologies.com

cdn.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.22.30.220 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

b99.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 124.83.185.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

apm.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.198.29.63 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-29-63.ap-northeast-1.compute.amazonaws.com

i.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1a00:7a6::322 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

i6.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.196.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.206.194 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.202.197 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-202-197.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.163.228 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-163-228.ap-northeast-1.compute.amazonaws.com

log-v4-insight.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.25.164 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sin01s16-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.42.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.136 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.76.130 (Plainview, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.31.35 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 td.doubleclick.net — Cisco Umbrella Rank: 216	37 KB
23	gcxiu.com gcxiu.com	2 MB
22	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 23219	1 KB
22	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
16	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	1 MB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	5 KB
9	yahoo.co.jp b99.yahoo.co.jp — Cisco Umbrella Rank: 27698 apm.yahoo.co.jp — Cisco Umbrella Rank: 21941	24 KB
9	bing.com bat.bing.com — Cisco Umbrella Rank: 378	17 KB
6	googleadservices.com 3 redirects www.googleadservices.com — Cisco Umbrella Rank: 99	8 KB
6	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 32399 obs.segreencolumn.com — Cisco Umbrella Rank: 26360	42 KB
5	smartnews-ads.com cdn.smartnews-ads.com — Cisco Umbrella Rank: 86595 i.smartnews-ads.com — Cisco Umbrella Rank: 89969 i6.smartnews-ads.com — Cisco Umbrella Rank: 93258	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	80 KB
2	line.me tr.line.me — Cisco Umbrella Rank: 16729	850 B
2	kaizenplatform.net cdn.kaizenplatform.net — Cisco Umbrella Rank: 633596 log-v4-insight.kaizenplatform.net — Cisco Umbrella Rank: 523353	101 KB
2	fraud-alert.net static.fraud-alert.net p.fraud-alert.net	21 KB
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 12400	8 KB
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 236317	319 B
1	valuecommerce.com trj.valuecommerce.com — Cisco Umbrella Rank: 232159	5 KB
1	csolution.jp tk.csolution.jp	2 KB
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 17650	10 KB
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 7948	11 KB
172	21

	Domain	Requested by
23	gcxiu.com	gcxiu.com
22	www.google.co.jp	gcxiu.com
22	www.google.com	6 redirects gcxiu.com
22	googleads.g.doubleclick.net	6 redirects www.googletagmanager.com
19	td.doubleclick.net	www.googletagmanager.com
16	www.googletagmanager.com	gcxiu.com
9	www.facebook.com	gcxiu.com
9	bat.bing.com	gcxiu.com bat.bing.com
6	www.googleadservices.com	3 redirects www.googletagmanager.com
5	apm.yahoo.co.jp	s.yimg.jp
5	obs.segreencolumn.com	gcxiu.com ob.segreencolumn.com
4	b99.yahoo.co.jp	s.yimg.jp gcxiu.com
4	connect.facebook.net	gcxiu.com connect.facebook.net
2	i6.smartnews-ads.com	gcxiu.com
2	i.smartnews-ads.com	gcxiu.com
2	tr.line.me	gcxiu.com
2	seal.digicert.com	gcxiu.com
1	log-v4-insight.kaizenplatform.net	cdn.kaizenplatform.net
1	a.imgvc.com	gcxiu.com
1	cdn.kaizenplatform.net	gcxiu.com
1	trj.valuecommerce.com	gcxiu.com
1	tk.csolution.jp	gcxiu.com
1	cdn.smartnews-ads.com	gcxiu.com
1	d.line-scdn.net	gcxiu.com
1	ob.segreencolumn.com	gcxiu.com
1	s.yimg.jp	gcxiu.com
1	p.fraud-alert.net	static.fraud-alert.net
1	static.fraud-alert.net	gcxiu.com
172	28

This site contains links to these domains. Also see Links.

Domain
ib.jibunbank.co.jp
help.jibunbank.co.jp
www.jibunbank.co.jp

Subject Issuer	Validity	Valid
*.demiangufen.com R11	`2024-09-30` - `2024-12-29`	3 months	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-01-30`	a year	crt.sh
*.fraud-alert.net Amazon RSA 2048 M02	`2024-09-13` - `2025-10-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2024-09-20` - `2025-10-19`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.segreencolumn.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-24` - `2025-09-23`	a year	crt.sh
*.smartnews-ads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.csolution.jp Amazon RSA 2048 M03	`2024-03-25` - `2025-04-23`	a year	crt.sh
*.valuecommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-09` - `2025-10-10`	a year	crt.sh
*.kaizenplatform.net GeoTrust RSA CA 2018	`2024-03-04` - `2025-03-07`	a year	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-20` - `2024-12-19`	a year	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2024-08-08` - `2025-09-09`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.imgvc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-10-31`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.co.jp WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.googleadservices.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://gcxiu.com/login.jsp
Frame ID: 7993DDE38B9C54191B9CE2BE3162AEAF
Requests: 151 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709179453?random=1727770475578&cv=11&fst=1727770475578&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 3319B9664D87A96A06283A23C0C37DD1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727770475630&cv=11&fst=1727770475630&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: B1268A0F5F94A95AAE3C7B8B7450AA88
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727770475656&cv=11&fst=1727770475656&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 55533C4919ACA7B87F9FAA1AEF4A8B63
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1727770475672&cv=11&fst=1727770475672&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: BBCA2E5B30CC8D3EE79CED76C89CEF11
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721159065?random=1727770475710&cv=11&fst=1727770475710&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: CA78AF29406ACA1738569189168541B6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1727770475748&cv=11&fst=1727770475748&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 6856BA4886C111E4358CE59AC98FF07E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709179453?random=1727770475827&cv=11&fst=1727770475827&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4E683522A7F44DDA8A5D6C28E966B4D8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/723623815?random=1727770475857&cv=11&fst=1727770475857&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A48273270ACCAE497D779E79B971C78F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709209482?random=1727770475952&cv=11&fst=1727770475952&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: CCA0DDF5A63E1701D00FBD43ED1BAEC7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/612303449?random=1727770475996&cv=11&fst=1727770475996&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4C77B53639E3D4564769C3CE3EF90387
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/942787950?random=1727770476036&cv=11&fst=1727770476036&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 5D0B5F02D73B1A1BAA2E19E8ABD29CB7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721159065?random=1727770476074&cv=11&fst=1727770476074&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: C3F393749A5D7634D8E8A36B73B5D661
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721477044?random=1727770476153&cv=11&fst=1727770476153&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 589DF89981426D1C8EFD511CC310B8AB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1727770476233&cv=11&fst=1727770476233&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 00B2723614175C2AC6033B1D1C94B270
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1727770476261&cv=11&fst=1727770476261&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&ct_cookie_present=0
Frame ID: D9FF73212D7796C923B26DB4195109B7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1727770476285&cv=11&fst=1727770476285&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D50B5386E76AE1AE23F92E4A8A8A2B10
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1727770476312&cv=11&fst=1727770476312&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 086AA9661D876F386820536751723C07
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727770476331&cv=11&fst=1727770476331&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A6A11133E2A77ACBE40460DBCF8479B5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727770476358&cv=11&fst=1727770476358&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 265502477DD0AB3FCBC0A51133803F69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン | ログイン | auじぶん銀行

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

172
Requests

82 %
HTTPS

29 %
IPv6

21
Domains

28
Subdomains

32
IPs

5
Countries

4289 kB
Transfer

7519 kB
Size

25
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://ib.jibunbank.co.jp/security/ap/manageloginpw/resetloginpw/resetloginpwidentificationinit
Title: ログインパスワードを忘れた・ロックしてしまったお客さま

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=999
Title: ログインできなくなりました。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=518
Title: ログインパスワードとは何ですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=536
Title: お客さま番号とログインパスワードを正しく入力しても、インターネットバンキングにログインできません。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=528
Title: ログインパスワードを忘れてしまいました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=599
Title: ログインパスワードを何度も間違えて、入力できなくなりました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://www.jibunbank.co.jp/common/redirector.html?id=3484
Title: 全てを見る

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIsY_zy97siAMV-soWBR2nnQQVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIsY_zy97siAMV-soWBR2nnQQVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfybRXqozbboow8CaRzcyu24f6v179lg&random=1884432140 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIsY_zy97siAMV-soWBR2nnQQVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfybRXqozbboow8CaRzcyu24f6v179lg&random=1884432140&ipr=y

Request Chain 119

https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI1JHzy97siAMV8coWBR2oOiLHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI1JHzy97siAMV8coWBR2oOiLHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfT8rM2u0Js-weeLey3vZFHNgSyYx2jw&random=82316357 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI1JHzy97siAMV8coWBR2oOiLHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfT8rM2u0Js-weeLey3vZFHNgSyYx2jw&random=82316357&ipr=y

Request Chain 120

https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&pscrd=IhMIqvzyy97siAMV4cgWBR0kXTZ7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&pscrd=IhMIqvzyy97siAMV4cgWBR0kXTZ7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf7Qn_IEHKQHMROdOcTB416x8YSgZO_Q&random=1346989391 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&pscrd=IhMIqvzyy97siAMV4cgWBR0kXTZ7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf7Qn_IEHKQHMROdOcTB416x8YSgZO_Q&random=1346989391&ipr=y

Request Chain 157

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjJ74y97siAMVXcgWBR3iojuxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck9wRTVKTG1YWlNhRmw5dXJGa1pSenV1LVA5d29faGE0SGJvbENHaVM0REh1OU01R1NIekpGWQ HTTP 302
https://www.google.com/pagead/1p-conversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjJ74y97siAMVXcgWBR3iojuxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck9wRTVKTG1YWlNhRmw5dXJGa1pSenV1LVA5d29faGE0SGJvbENHaVM0REh1OU01R1NIekpGWQ&is_vtc=1&cid=CAQSGwDpaXnf5TYeg0lWZgsvWWyYIWrOlLwIw80Kkg&random=4016502767 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjJ74y97siAMVXcgWBR3iojuxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck9wRTVKTG1YWlNhRmw5dXJGa1pSenV1LVA5d29faGE0SGJvbENHaVM0REh1OU01R1NIekpGWQ&is_vtc=1&cid=CAQSGwDpaXnf5TYeg0lWZgsvWWyYIWrOlLwIw80Kkg&random=4016502767&ipr=y

Request Chain 160

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIkcmxAiIBAkondHJpZ2dlciwgZXZlbnQtc291cmNlO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIgLL7y97siAMVAt0WBR06KTcrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJVU2VmMHl3aUEwOVphaE1mUG1Pd1ZFSVV3Q0F4dVNFcFY3WGdjTFVQZDQ0NGNwa1JkT1UtOA HTTP 302
https://www.google.com/pagead/1p-conversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIkcmxAiIBAkondHJpZ2dlciwgZXZlbnQtc291cmNlO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIgLL7y97siAMVAt0WBR06KTcrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJVU2VmMHl3aUEwOVphaE1mUG1Pd1ZFSVV3Q0F4dVNFcFY3WGdjTFVQZDQ0NGNwa1JkT1UtOA&is_vtc=1&cid=CAQSGwDpaXnf-Ln8Ay_DOkZdiutD6ml0nBB7MLBiew&random=3258616236 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIkcmxAiIBAkondHJpZ2dlciwgZXZlbnQtc291cmNlO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIgLL7y97siAMVAt0WBR06KTcrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJVU2VmMHl3aUEwOVphaE1mUG1Pd1ZFSVV3Q0F4dVNFcFY3WGdjTFVQZDQ0NGNwa1JkT1UtOA&is_vtc=1&cid=CAQSGwDpaXnf-Ln8Ay_DOkZdiutD6ml0nBB7MLBiew&random=3258616236&ipr=y

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI86b-y97siAMVicwWBR1dES_HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck5CelFIUXNOSnFjUFZyTDM1TTFaLWdYc2gwVVN5d2RzcWZzSlU5NFpzdlNXWE9KUWZtWDVGSQ HTTP 302
https://www.google.com/pagead/1p-conversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI86b-y97siAMVicwWBR1dES_HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck5CelFIUXNOSnFjUFZyTDM1TTFaLWdYc2gwVVN5d2RzcWZzSlU5NFpzdlNXWE9KUWZtWDVGSQ&is_vtc=1&cid=CAQSGwDpaXnfi3ENW0XGf7kamh76Ov5MinHJ_Rodsw&random=1282721030 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI86b-y97siAMVicwWBR1dES_HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck5CelFIUXNOSnFjUFZyTDM1TTFaLWdYc2gwVVN5d2RzcWZzSlU5NFpzdlNXWE9KUWZtWDVGSQ&is_vtc=1&cid=CAQSGwDpaXnfi3ENW0XGf7kamh76Ov5MinHJ_Rodsw&random=1282721030&ipr=y

172 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.jsp Show response
gcxiu.com/ 19 KB
19 KB 944ms
67ms Document
text/html 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-length: 19673
content-type: text/html;charset=UTF-8
date: Tue, 01 Oct 2024 08:14:28 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 all.js Show response
gcxiu.com/js/ 256 KB
257 KB 63ms
57ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/all.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"261634-1727680664000"
accept-ranges: bytes
content-length: 261634
date: Tue, 01 Oct 2024 08:14:28 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 app.js Show response
gcxiu.com/js/ 190 KB
191 KB 64ms
59ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/app.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"194353-1727680664000"
accept-ranges: bytes
content-length: 194353
date: Tue, 01 Oct 2024 08:14:28 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 style.css
gcxiu.com/style/css/ 516 KB
520 KB 162ms
158ms Stylesheet
text/css 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/style/css/style.css
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"528492-1727698150000"
accept-ranges: bytes
content-length: 528492
date: Tue, 01 Oct 2024 08:14:28 GMT
last-modified: Mon, 30 Sep 2024 12:09:10 GMT
content-type: text/css
server: Apache
vary: Accept-Encoding

GET
H2 200 common.js Show response
gcxiu.com/js/ 4 KB
4 KB 161ms
157ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/common.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"4484-1727710072288"
accept-ranges: bytes
content-length: 4484
date: Tue, 01 Oct 2024 08:14:28 GMT
last-modified: Mon, 30 Sep 2024 15:27:52 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 extended_timeout.js Show response
gcxiu.com/js/ 3 KB
3 KB 164ms
161ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/extended_timeout.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"3334-1727680664000"
accept-ranges: bytes
content-length: 3334
date: Tue, 01 Oct 2024 08:14:28 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
gcxiu.com/js/ 86 KB
86 KB 165ms
162ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/jquery-3.4.1.min.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"88145-1680887322000"
accept-ranges: bytes
content-length: 88145
date: Tue, 01 Oct 2024 08:14:28 GMT
last-modified: Fri, 07 Apr 2023 17:08:42 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 img_site-logo_pc.png
gcxiu.com/style/img/ 2 KB
2 KB 164ms
162ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/img_site-logo_pc.png
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 2154
date: Tue, 01 Oct 2024 08:14:28 GMT
etag: W/"2154-1727687748000"
last-modified: Mon, 30 Sep 2024 09:15:48 GMT
content-type: image/png
server: Apache

GET
H2 200 img_site-logo_sp.png
gcxiu.com/style/img/ 2 KB
2 KB 162ms
160ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/img_site-logo_sp.png
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 1829
date: Tue, 01 Oct 2024 08:14:28 GMT
etag: W/"1829-1727687748000"
last-modified: Mon, 30 Sep 2024 09:15:48 GMT
content-type: image/png
server: Apache

GET
H2 200 before_auth.css
gcxiu.com/style/css/ 447 B
520 B 52ms
51ms Stylesheet
text/css 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/style/css/before_auth.css
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"447-1727680708000"
accept-ranges: bytes
content-length: 447
date: Tue, 01 Oct 2024 08:14:30 GMT
last-modified: Mon, 30 Sep 2024 07:18:28 GMT
content-type: text/css
server: Apache
vary: Accept-Encoding

GET
H2 200 question.svg
gcxiu.com/style/img/ 717 B
824 B 51ms
51ms Image
image/svg+xml 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/question.svg
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 717
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"717-1727688026000"
last-modified: Mon, 30 Sep 2024 09:20:26 GMT
content-type: image/svg+xml
server: Apache

GET
H2 200 gtm.js Show response
gcxiu.com/js/ 504 KB
504 KB 76ms
74ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"515639-1727680328000"
accept-ranges: bytes
content-length: 515639
date: Tue, 01 Oct 2024 08:14:30 GMT
last-modified: Mon, 30 Sep 2024 07:12:08 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 155 B
560 B 221ms
73ms Image
image/png 13.251.181.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=BDWjGLpY&referer=ib.jibunbank.co.jp&format=png&lang=ja&seal_number=18&seal_size=s&an=min

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.251.181.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Strict-Transport-Security: max-age=31536000
cache-control: max-age=7776000
x-envoy-upstream-service-time: 57
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Mon, 30 Dec 2024 07:54:32 GMT
Content-Length: 155
Date: Tue, 01 Oct 2024 08:14:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
last-modified: Tue, 01 Oct 2024 07:54:31 GMT
Server: nginx

GET
H2 200 seal.min.js Show response
gcxiu.com/js/ 8 KB
8 KB 76ms
74ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/seal.min.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"7741-1727688784000"
accept-ranges: bytes
content-length: 7741
date: Tue, 01 Oct 2024 08:14:30 GMT
last-modified: Mon, 30 Sep 2024 09:33:04 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 p_img04.png
gcxiu.com/style/img/ 17 KB
17 KB 232ms
231ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/p_img04.png
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 17497
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"17497-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img05.png
gcxiu.com/style/img/ 18 KB
18 KB 121ms
120ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/p_img05.png
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 18851
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"18851-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img06.png
gcxiu.com/style/img/ 17 KB
17 KB 233ms
232ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/p_img06.png
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 16987
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"16987-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 pc_cachcard_back.gif
gcxiu.com/style/img/ 76 KB
77 KB 237ms
236ms Image
image/gif 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/pc_cachcard_back.gif
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 78211
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"78211-1727688220000"
last-modified: Mon, 30 Sep 2024 09:23:40 GMT
content-type: image/gif
server: Apache

GET
H2 200 fraudalert_form.js Show response
gcxiu.com/js/ 950 B
1000 B 121ms
119ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/js/fraudalert_form.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

etag: W/"950-1727680664000"
accept-ranges: bytes
content-length: 950
date: Tue, 01 Oct 2024 08:14:30 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

POST
H2 200 pageServlet Show response
gcxiu.com/api/ 0
26 B 2350ms
2347ms XHR
text/html 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/api/pageServlet
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gcxiu.com/login.jsp
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded

Response headers

content-length: 0
date: Tue, 01 Oct 2024 08:14:30 GMT
content-type: text/html;charset=UTF-8
server: Apache

GET
H2 200 NotoSansCJKjp-RegularSubset.woff
gcxiu.com/style/font/ 397 KB
397 KB 607ms
607ms Font
font/woff 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/style/font/NotoSansCJKjp-RegularSubset.woff
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://gcxiu.com
Referer: https://gcxiu.com/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 406344
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"406344-1727681130000"
last-modified: Mon, 30 Sep 2024 07:25:30 GMT
content-type: font/woff
server: Apache

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
8 KB 807ms
670ms Script
text/javascript 13.251.181.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.251.181.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-181-147.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Strict-Transport-Security: max-age=31536000
etag: "1e3d-62307579e4f80"
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 7741
Date: Tue, 01 Oct 2024 08:14:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
last-modified: Thu, 26 Sep 2024 15:25:02 GMT
Server: nginx

GET
H2 200 NotoSansCJKjp-MediumSubset.woff
gcxiu.com/style/font/ 397 KB
398 KB 2290ms
2290ms Font
font/woff 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/style/font/NotoSansCJKjp-MediumSubset.woff
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://gcxiu.com
Referer: https://gcxiu.com/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 406932
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"406932-1727681130000"
last-modified: Mon, 30 Sep 2024 07:25:30 GMT
content-type: font/woff
server: Apache

GET
H2 200 f.js Show response
static.fraud-alert.net/ 56 KB
20 KB 155ms
4ms Script
application/javascript 2600:9000:26a7:5200:10:3572:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fraud-alert.net/f.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/fraudalert_form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a7:5200:10:3572:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

x-amz-cf-pop: NRT20-P2
content-encoding: gzip
etag: W/"f98f7793266711a8689fe211e9d65b52"
age: 15529
via: 1.1 42b92ae8bb54f13ac39836083e7dc256.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 6tSg-jugtnXCCGPnXqxgGFNPHo08W6RrbBFCHRuWwuKyFQyIonX1Aw==
date: Tue, 01 Oct 2024 03:55:42 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Sun, 22 Oct 2023 12:05:34 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 arrow_gray.svg
gcxiu.com/style/img/ 539 B
588 B 2204ms
2203ms Image
image/svg+xml 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcxiu.com/style/img/arrow_gray.svg
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 539
date: Tue, 01 Oct 2024 08:14:30 GMT
etag: W/"539-1727688026000"
last-modified: Mon, 30 Sep 2024 09:20:26 GMT
content-type: image/svg+xml
server: Apache

POST
H2 200 accept Show response
p.fraud-alert.net/ 31 B
510 B 166ms
5ms XHR
text/plain 3.164.110.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.fraud-alert.net/accept
Requested by: Host: static.fraud-alert.net
URL: https://static.fraud-alert.net/f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.164.110.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-164-110-102.nrt12.r.cloudfront.net
Software: /
Resource Hash: 5730c20f4c59d43a6ee22a2e1e2105c4df653fa049365493ff3ae59681617bc9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://gcxiu.com/

Response headers

access-control-allow-credentials: true
via: 1.1 3b2eef144c7f8e5b4642542316d6f5f8.cloudfront.net (CloudFront)
access-control-allow-origin: https://gcxiu.com
x-cache: Miss from cloudfront
content-length: 31
x-amz-cf-id: V0ltiy0ZrC-p00bXvflaqqtrAisAbarbVPAD3Ehl5lvKIDp-dOIVcA==
date: Tue, 01 Oct 2024 08:14:30 GMT
x-amz-cf-pop: NRT12-P2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 97ms
44ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14077821&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58e6a3e299903aec7e2f86ca4a1ffe3d1b735fe5b9ec134b8aa235fb5c14f6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80046
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 32 KB
11 KB 16ms
4ms Script
application/javascript 182.22.28.252
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.22.28.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: faa3e3dda438c6d861dd2b0ffd95d135c5638fc51d8c982286aa48a87a0eabf0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 129
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10570
date: Tue, 01 Oct 2024 08:12:26 GMT
last-modified: Thu, 29 Aug 2024 06:42:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nghttpx
x-ntap-sg-trace-id: 54c5b1ec541eee1d

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 90ms
42ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e34e8bda8eca4f79e97d123a12b45186e4a8570a735f994c8360acd569673bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91515
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 96ms
48ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8c060726a532ebef5758c585eae111b4d0f26232911c39ef68922e1e19f508c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89335
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 43ms
25ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E20D527244D4E35BA41B0EED464BF8D Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Tue, 01 Oct 2024 08:14:34 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 95ms
49ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3310269d49fadc8992211db70e4f0c643a1d18de29a950ab997664d9dab934d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89365
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 94ms
50ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7719bc0835cef0ccd9589d84af843378288ca574b7fac7633794c8a1e369154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89431
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 89ms
45ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cee19a70b9a42c623fa521a6f6dec0c92621af0837c0aea8af577d765305161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89421
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
89 KB 90ms
88ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709179453

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d76e527fa361e2dd9d637cb1757bc92f4ca12efb6447fb3f74235f239e7bc67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91424
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 100ms
98ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-723623815

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e138b0b6f3a1ef325da049dbf9b8f25d068ff914ecdfc4c5656b8e4fd3cfb42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86273
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ad1f1040ad9ca638cc6ee793ef48a4f6.js Show response
ob.segreencolumn.com/i/ 108 KB
40 KB 22ms
3ms Script
text/javascript 2600:9000:20e4:1a00:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:1a00:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 51ae2f5a753c96b5c70779481552f3636df036952791a90c7853af58c73a35f9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1ae5b-YGTsV4Kh386LbDpwhQvf4aaoogg"
age: 11189
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
expires: Tue, 01 Oct 2024 17:08:06 GMT
x-cache: Hit from cloudfront
content-length: 40308
x-amz-cf-id: p82b3WM5rOY_bEP2byiEe-uMgT_EuqDiSw2MNP30_LO9rJX_D7JImQ==
date: Tue, 01 Oct 2024 05:08:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: NRT20-C2

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 22ms
6ms Script
application/javascript 23.62.185.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.185.138 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-185-138.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: gzip
x-amz-version-id: aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
etag: "02e4691c0dcc2f7ecef2712fb0f24921"
expires: Thu, 17 Oct 2024 00:36:06 GMT
x-rgw-object-type: Normal
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript
last-modified: Mon, 02 Oct 2023 06:16:39 GMT
x-amz-expiration: expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cache-control: max-age=1354891
x-amz-request-id: tx00000a010788432711387-00651a6065-13de0d6f-jp2
accept-ranges: bytes
content-length: 9865
server: VOS

GET
H2 200 pixel.js Show response
cdn.smartnews-ads.com/i/ 5 KB
2 KB 23ms
4ms Script
application/javascript 23.40.192.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartnews-ads.com/i/pixel.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.192.29 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-192-29.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: max-age=270
content-encoding: gzip
x-amz-meta-version: 8.4.6
etag: "709c82eb76cb41d00bb431534c33b6ff"
x-amz-version-id: U_040zL3HHLQ_Xb5czsQ1qGGPFoW.rFj
expires: Tue, 01 Oct 2024 08:19:05 GMT
accept-ranges: bytes
content-length: 1922
date: Tue, 01 Oct 2024 08:14:35 GMT
last-modified: Mon, 21 Nov 2022 09:11:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 17ms
7ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

57e4fab3e926d0392dfc236b18cc28628abf957efe96c5d5a592b617ec108a90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4405, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: +s7h2KYfjb8VH2W2vOk0vsdB+cV8U6Abkeg7ik5Sob6lf8m6n2K0Xr2FOC9emKFZutOaGqSCquFngDoZjXNtzQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0

GET
H2 200 adme_tk.neo Show response
tk.csolution.jp/ 1 KB
2 KB 44ms
19ms Script
binary/octet-stream 13.225.183.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.csolution.jp/adme_tk.neo
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.183.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-44.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

etag: "01b42b52842905b667f426f1145dfab9"
via: 1.1 3314774a1e77e48ceae8fcb305dccf48.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 1231
x-amz-cf-id: 702pQwLcNCmDMVlERGaAz0Eoj56jowDiPczOhdXkvWIik9mi0Lf9_Q==
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: binary/octet-stream
last-modified: Tue, 14 Jan 2020 06:27:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C4

GET
H2 200 vclp.js Show response
trj.valuecommerce.com/ 4 KB
5 KB 19ms
4ms Script
application/javascript 2600:9000:208e:dc00:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trj.valuecommerce.com/vclp.js
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208e:dc00:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
x-goog-hash: crc32c=OgAn0A==, md5=kCQf0OwmWvrHxLOR4fgqqw==
etag: "90241fd0ec265afac7c4b391e1f82aab"
age: 156
x-goog-stored-content-encoding: identity
expires: Tue, 01 Oct 2024 08:16:59 GMT
x-goog-stored-content-length: 3874
x-cache: Hit from cloudfront
x-amz-cf-id: eI9pxoyefzZyJIGcQ6aZ-Pf-5PtTR3a-0VO2Is65Xy6R6oeGXPzS6g==
date: Tue, 01 Oct 2024 08:11:59 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 07:06:52 GMT
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljv94MgwWfLEw_rKifdBEpbZxWvv1ALX6Y0McaFo1CsqjYHI8BAb-Q3gfce11lyrDZ3prg
cache-control: max-age=300
x-goog-storage-class: REGIONAL
via: 1.1 6fc9bea777dbb883661b140062657912.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1642403212642544
content-length: 3874
x-amz-cf-pop: NRT20-C3
server: UploadServer

GET
H2 200 8c9dd94c00f839.js Show response
cdn.kaizenplatform.net/s/df/ 317 KB
101 KB 21ms
7ms Script
application/javascript 118.215.185.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 118.215.185.125 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a118-215-185-125.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18feb6ecb24ef112ba8662cb6227b45ba57f716feb9cce74e328808b3d64ff7a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "f8bee66bc8c7429e3dc32eb70ac8a42d"
x-amz-version-id: null
access-control-allow-methods: GET
date: Tue, 01 Oct 2024 08:14:35 GMT
last-modified: Tue, 20 Aug 2024 07:03:27 GMT
vary: Accept-Encoding
content-type: application/javascript
x-amz-id-2: y05YyTQGVHzPQqAoWGyyp+bCz4922vnLVsMXKmp7Qvt5HvROBN09cdDJIt1T8q547fVGqRDvc+Q=
cache-control: max-age=300
x-amz-request-id: B2CF9A7N3NR0BDRJ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 102766
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ad1f1040ad9ca638cc6ee793ef48a4f6.html
obs.segreencolumn.com/ns/ 0
250 B 550ms
213ms Image
text/html 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/ns/ad1f1040ad9ca638cc6ee793ef48a4f6.html?ch=cheq4ppc&gtmcb=412472107
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 01 Oct 2024 08:14:35 GMT
pragma: no-cache
content-type: text/html
cross-origin-resource-policy: cross-origin

GET
H/1.1 200
OK conversion_async.js Show response
b99.yahoo.co.jp/pagead/ 56 KB
22 KB 85ms
69ms Script
text/javascript 182.22.30.220
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to

Full URL

https://b99.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.220 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

509666e9a89868dcf3726ac352ec4cf979c876074fd29f33db4910cccc60be25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Content-Encoding: br
ETag: 6558362713863801455
Age: 0
X-Content-Type-Options: nosniff
Expires: Tue, 01 Oct 2024 08:14:35 GMT
Date: Tue, 01 Oct 2024 08:14:35 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Disposition: attachment; filename="f.txt"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
X-XSS-Protection: 0
Server: cafe

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 50ms
16ms Fetch
text/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727770475.7572584&pvid=q6utmzzl7mbm1q5xiza&__lt__cid_valid=false&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://gcxiu.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 54ms
20ms Fetch
text/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727770475.7464259&pvid=q6utmzzl7mbm1q5xiza&su=0f3b5cd0-d8e9-467a-ac6f-8fd2dc8ff952&__lt__cid_valid=false&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://gcxiu.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 56ms
22ms Fetch
text/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=A8K4W9L35V&label=&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727770475.9392393&pvid=q6utmzzl7mbm1q5xiza&su=0f3b5cd0-d8e9-467a-ac6f-8fd2dc8ff952&__lt__cid_valid=false&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://gcxiu.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 18ms
3ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=5815ccb4-e1af-4022-8cae-eb3e4f2291ca&b_u=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&b_d=gcxiu.com&b_p=%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=abc7e14b-e97c-4e6b-bf23-f49c61bb0e21&s_id=1e238657-17de0608&x4=100&e=pv&v=3.4.1&_t=1727770475370
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Tue, 01 Oct 2024 08:14:35 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 12ms
4ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=5815ccb4-e1af-4022-8cae-eb3e4f2291ca&b_u=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&b_d=gcxiu.com&b_p=%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=9dd1ca22-3499-4044-8a02-0c2d3241b696&s_id=1e238657-17de0608&x4=400&e=pv&v=3.4.1&_t=1727770475372
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Tue, 01 Oct 2024 08:14:35 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 p
i.smartnews-ads.com/ 2 B
624 B 58ms
7ms Image
text/plain 52.198.29.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=d650045319e0726eca67e9c1&t=1727770475&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=6c4c919c-1f60-40c2-b4d9-c7cca3879091
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.29.63 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-29-63.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: text/plain; charset=utf-8
content-length: 2

GET
H/1.1 200
OK smallest.png
i6.smartnews-ads.com/ 95 B
474 B 14ms
2ms Image
image/png 2600:140b:1a00:7a6::322
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=d650045319e0726eca67e9c1&t=1727770475&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=6c4c919c-1f60-40c2-b4d9-c7cca3879091
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:7a6::322 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

ETag: "71a50dbba44c78128b221b7df7bb51f1"
Connection: keep-alive
x-amz-request-id: TN5AEQEBQ9JE8XDA
Accept-Ranges: bytes
Content-Length: 95
Date: Tue, 01 Oct 2024 08:14:35 GMT
Last-Modified: Wed, 09 Feb 2022 07:40:21 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: aQtfWRcT8Dn65MbCF1IBvOuo/X472wwGw0M1aHgbpsf88mROFDtth8FDqYZC3Qjqoogb/OZ7dow=

GET
H2 200 p
i.smartnews-ads.com/ 2 B
625 B 41ms
7ms Image
text/plain 52.198.29.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=20e53d0c41d51e3a8a128563&t=1727770475&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=6c4c919c-1f60-40c2-b4d9-c7cca3879091
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.29.63 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-29-63.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: text/plain; charset=utf-8
content-length: 2

GET
H/1.1 200
OK smallest.png
i6.smartnews-ads.com/ 95 B
474 B 3ms
2ms Image
image/png 2600:140b:1a00:7a6::322
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=20e53d0c41d51e3a8a128563&t=1727770475&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=6c4c919c-1f60-40c2-b4d9-c7cca3879091
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:7a6::322 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

ETag: "71a50dbba44c78128b221b7df7bb51f1"
Connection: keep-alive
x-amz-request-id: TN5AEQEBQ9JE8XDA
Accept-Ranges: bytes
Content-Length: 95
Date: Tue, 01 Oct 2024 08:14:35 GMT
Last-Modified: Wed, 09 Feb 2022 07:40:21 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: aQtfWRcT8Dn65MbCF1IBvOuo/X472wwGw0M1aHgbpsf88mROFDtth8FDqYZC3Qjqoogb/OZ7dow=

GET
H2 200 97022402.js Show response
bat.bing.com/p/action/ 370 B
425 B 22ms
21ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97022402.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D04D201976934383B04C7337B6B15622 Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 ct Show response
obs.segreencolumn.com/ 4 KB
2 KB 405ms
217ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=46070&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1727770475531&hl=2&op=0&ag=2608452131&rand=6382601002509882655707212062106903081537125217031865922665659377077016726792091715190&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDIyODddLFsiYWJuY2giLDI5XSxbLTEsIi0iXSxbLTQsIjxodG1sPjxoZWFkPlxuICAgICAgPCEtLSBHb29nbGUgVGFnIE1hbmFnZXIgLS0%2BXG4gICAgICA8c2NyaXB0IHNyYz1cIi8vYmF0LmJpbmcuY29tL2JhdC5qc1wiIGFzeW5jPVwiXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vZC5saW5lLXNjZG4ubmV0L24vbGluZV90YWcvcHVibGljL3JlbGVhc2UvdjEvbHQuanNcIj48L3NjcmlwdD48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9jb25uZWN0LmZhY2Vib29rLm5ldC9lbl9VUy9mYmV2ZW50cy5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCIvL2Nkbi5zbWFydG5ld3MtYWRzLmNvbS9pL3BpeGVsLmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vZC5saW5lLXNjZG4ubmV0L24vbGluZV90YWcvcHVibGljL3JlbGVhc2UvdjEvbHQuanNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcy55aW1nLmpwL2ltYWdlcy9saXN0aW5nL3Rvb2wvY3YveXRhZy5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RhZy9kZXN0aW5hdGlvbj9pZD1BVy03MjE0ODQ1MTQmYW1wO2w9ZGF0YUxheWVyJmFtcDtjeD1jXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndGFnL2Rlc3RpbmF0aW9uP2lkPUFXLTcyMTUyMTIyMCZhbXA7bD1kYXRhTGF5ZXImYW1wO2N4PWNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcy55aW1nLmpwL2ltYWdlcy9saXN0aW5nL3Rvb2wvY3YveXRhZy5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9zLnlpbWcuanAvaW1hZ2VzL2xpc3RpbmcvdG9vbC9jdi95dGFnLmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndGFnL2Rlc3RpbmF0aW9uP2lkPUFXLTg1NjQ3OTQwNiZhbXA7bD1kYXRhTGF5ZXImYW1wO2N4PWNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vYmF0LmJpbmcuY29tL2JhdC5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RhZy9kZXN0aW5hdGlvbj9pZD1BVy03MjExNTkwNjUmYW1wO2w9ZGF0YUxheWVyJmFtcDtjeD1jXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndGFnL2Rlc3RpbmF0aW9uP2lkPUFXLTcwOTE3OTQ1MyZhbXA7bD1kYXRhTGF5ZXImYW1wO2N4PWNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcy55aW1nLmpwL2ltYWdlcy9saXN0aW5nL3Rvb2wvY3YveXRhZy5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9zLnlpbWcuanAvaW1hZ2VzL2xpc3RpbmcvdG9vbC9jdi95dGFnLmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdtYW5hZ2VyLmNvbS9ndGFnL2pzP2lkPURDLTE0MDc3ODIxJmFtcDtsPWRhdGFMYXllciZhbXA7Y3g9Y1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgZGVmZXI9XCJcIiBzcmM9XCJodHRwczovL3N0YXRpYy5mcmF1ZC1hbGVydC5uZXQvZi5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJqcy9ndG0uanM%2FaWQ9R1RNLVQ0RlNDIl0sWy03LCItIl0sWy0yMywiKyJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy01MCwiLSJdLFstNSwiLSJdLFstMjUsIi0iXSxbLTQwLCIzMyJdLFstNTIsIi0iXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZEtYQmtSVVUxTlNVb0RGaFpXV3hkS1hGNUxYRnhYV2xaVlRGUlhGMXBXVkJaUUZsaGRDRjhJQ1EwSldGMEFXbGdQQ2dGYVdnOWNYQTRBQ2x4ZkRRRllEVjhQRjFOS0F3Z0REd0VJQ2c0UUZWaE5HVXNaRVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWllYUWhmQ0FrTkNWaGRBRnBZRHdvQldsb1BYRndPQUFwY1h3MEJXQTFmRHhkVFNnTUlBdzRMRGc9PSJdLFstNjAsMjA3XSxbLTY4LCItIl0sWy04LCItIl0sWy0yMCwiLSJdLFstMzEsImZhbHNlIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwxLDAsMCwwLDc3MCwxMDcsMTEzLC0xLDAsMjg5Ni41LDI4OTYuNSw4MjQ3LDgyNDciXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTI5LCItIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00NiwiMCJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTYsIntcIndcIjpbXCIxXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstMTQsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy02MywiLSJdLFstNjUsIi0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy01NSwiMSJdLFstNjYsImdlb2xvY2F0aW9uLGNodWFmdWxsdmVyc2lvbmxpc3QsY3Jvc3NvcmlnaW5pc29sYXRlZCxzY3JlZW53YWtlbG9jayxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHVzYixjaHNhdmVkYXRhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHNoYXJlZHN0b3JhZ2UscnVuYWRhdWN0aW9uLGNodWFmb3JtZmFjdG9ycyxjaGRvd25saW5rLG90cGNyZWRlbnRpYWxzLHBheW1lbnQsY2h1YSxjaHVhbW9kZWwsY2hlY3QsYXV0b3BsYXksY2FtZXJhLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYWNjZWxlcm9tZXRlcixjaHVhcGxhdGZvcm12ZXJzaW9uLGlkbGVkZXRlY3Rpb24scHJpdmF0ZWFnZ3JlZ2F0aW9uLGludGVyZXN0Y29ob3J0LGNodmlld3BvcnRoZWlnaHQsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTJ8fDAiXSxbLTcwLCItIl0sWy0yLCI2LGVZRkZYMlBueHVxdXFleUFCRFRtSkN3SnpXaks0NXJhNmk3cTRCODVyWG5CWE1lZFUxNXpXdkNRTmlYSE5lTVFJS0lsa2tUZXhRVlRmK2Y2ZXFhNlptQUVXLzUydWRwOE4wTnoiXSxbLTE2LCIwIl0sWy0zMywiLSJdLFstNDEsIi0iXSxbLTQ0LCIwLDAsMCw1Il0sWy02NywiMjUzMjMxMjg4ODoyMyJdLFstMTcsIjEyIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEwIl0sWy01NCwie1wiaFwiOltdLFwiZFwiOltdLFwiYlwiOltcIl8xXCIsXCIyNTg2Nzg2OTYxXCJdLFwic1wiOjF9Il0sWy05LCIrIl0sWy0xNSwiLSJdLFstMTgsIlswLDAsMCwxXSJdLFstMzAsIltcInZcIiwwXSJdLFstMzIsIi0iXSxbLTM1LCJbMTcyNzc3MDQ3NTUwMCwtOV0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00NSwiNjQyLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDcsIkFzaWEvVG9reW8samEsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy01MSwiLSJdLFstNjIsIjgwIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTcxLCJhMDExMDAxMDEwMDEwMDEwMTAwMDEwMTAwMTExMTEwMTAwMDAxMCJdLFstMTAsIi0iXSxbLTEyLCJudWxsIl0sWy0xOSwiWzQwLDQwLDQwLDQwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjg1LDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTM0LCItIl0sWy00OSwiLSJdLFstNTgsIi0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbImJuY2giLDE1Ml0sWy0xMywiLSJdLFstMjEsIi0iXSxbLTI0LCJbXSJdLFstMjYsIntcInRqaHNcIjoxNDgwNzM0OCxcInVqaHNcIjoxMTU0OTg0OCxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMjgsImVuLVVTLGVuIl0sWy01MywiMTAwIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbImRkYiIsIjAsNiwwLDEsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMiw3LDEsMTYsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMTAsMCwwLDAsMCwwLDAsMjMsMCwwLDEsMSJdLFsiY2IiLCIwLDAsMCwwLDAsMSwwLDAsMCw0LDAsMCw2LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsOCwwLDAsMCwwLDAsMCwwLDAsMCwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=qZeSBV7qio&pto=8345&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1727770475.7UWnvhKWApMGMh1U&suid=1.1727770475.j4BHJKI481vPx2ql&tuid=1.1727770475.QVrgkSXHR1bpqQaT&fbc=-&gtm=W10%3D&it=46%2C8146%2C36&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: b82cfc9414a9ba84ada5d2536b92138069c4eb1a8bdcdf39f3aa44541f48c495

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://gcxiu.com
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1704
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: text/javascript

GET
H2 200 97114338.js Show response
bat.bing.com/p/action/ 370 B
396 B 23ms
22ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97114338.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19A8CF4AE3EA46EF858F1020B4890B08 Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97050327.js Show response
bat.bing.com/p/action/ 370 B
395 B 23ms
22ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9CD28030D3C243AEA836F99C0232192A Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97050325.js Show response
bat.bing.com/p/action/ 370 B
396 B 22ms
22ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050325.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 66C1202E2D4C4B45B269B479AEE6B498 Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 594307549455110 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 146ms
146ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/594307549455110?v=2.9.169&r=stable&domain=gcxiu.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

2c767b9f6eeaaeb265ad99d629755322e207a8246cbedf69e4894b005bad58b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=68, mss=1232, tbw=67203, tp=63, tpl=0, uplat=142, ullat=0
pragma: public
x-fb-debug: l65F+S6GEVtJxCh//lv+oQNveZyslnGs/By1PwzQ+eH2SIZrjStbQkz8dmKttgBf1t7s8Cqoqe11k/iF1q7mVw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 5 KB
2 KB 93ms
50ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1727770475578&cv=11&fst=1727770475578&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

e15c03afbe9c07a6604f3fb95c8671c972fc3adf4a7aa86bb96d034385499d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2353
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 709179453
td.doubleclick.net/td/rul/ Frame 3319 0
0 141ms
96ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709179453?random=1727770475578&cv=11&fst=1727770475578&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 53ms
52ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1727770475630&cv=11&fst=1727770475630&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

f298fc5b7d772c00a37ec87f3e1591636d7c806e9fe7b60d949d7935a1b33da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2351
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721484514
td.doubleclick.net/td/rul/ Frame B126 0
0 87ms
86ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727770475630&cv=11&fst=1727770475630&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 51ms
51ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1727770475656&cv=11&fst=1727770475656&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

14524dd539fcc2ffd55d6b2296fa21eb821962d0b0b38e132a3872fa68469407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2352
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721484514
td.doubleclick.net/td/rul/ Frame 5553 0
0 86ms
85ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727770475656&cv=11&fst=1727770475656&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 5 KB
2 KB 50ms
50ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1727770475672&cv=11&fst=1727770475672&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

5db6af7eeb8db4d129f28994aea29b99381c0f5ad165145eb33a11466cbfbad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2363
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 856479406
td.doubleclick.net/td/rul/ Frame BBCA 0
0 95ms
94ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1727770475672&cv=11&fst=1727770475672&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 5 KB
2 KB 50ms
49ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1727770475710&cv=11&fst=1727770475710&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

b974b15d71b864c662cbf4b7ec851f7627338a1dbebf641c04a1a9c85e7b606d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2349
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721159065
td.doubleclick.net/td/rul/ Frame CA78 0
0 85ms
85ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721159065?random=1727770475710&cv=11&fst=1727770475710&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 5 KB
2 KB 51ms
50ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1727770475748&cv=11&fst=1727770475748&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

36764538475ed686e610797186c270c6613158a82d8ee661fe062164cc2fc3d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2361
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721521220
td.doubleclick.net/td/rul/ Frame 6856 0
0 105ms
104ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1727770475748&cv=11&fst=1727770475748&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 0
bat.bing.com/action/ 0
362 B 23ms
22ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97022402&Ver=2&mid=9877462f-2832-4678-9b33-00ff31870e6a&sid=3220b0507fcd11ef83879977c39d0d5e&vid=3220bda07fcd11efa16615147d00deef&vids=1&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=3036&evt=pageLoad&sv=1&cdb=AQAQ&rn=129558

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DACBEB2802DB40FD82EBC47D4FDF8186 Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088130/ 42 B
742 B 61ms
57ms Image
image/gif 182.22.30.220
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088130/?random=1727770475798&cv=9&fst=1727770475798&num=1&fmt=3&guid=ON&disvt=false&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.220 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 01 Oct 2024 08:14:35 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 5 KB
2 KB 48ms
47ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1727770475827&cv=11&fst=1727770475827&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709179453

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

957e9a8afc16d61e09074aae12ff0c72d7bc818b088acf6c91b95fc201163250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2357
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709179453
td.doubleclick.net/td/rul/ Frame 4E68 0
0 59ms
59ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709179453?random=1727770475827&cv=11&fst=1727770475827&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709179453

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
85 KB 44ms
43ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91abd6dde757fc8d88ec57bb9a16916c79bac9686f4df63278e5cdc2e40913a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86408
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 48ms
47ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41bff8273586283bac1a552096b7ec5d2ea54d22e56d313847a474cb98e497d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86403
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
85 KB 44ms
43ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc851eb54c6e8bb87d0650e2e30e767b97ec10f34f87efe1e019e1a94b2d0538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86407
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 77ms
77ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92ecd16fb9172548717e5c6711cfaf1db2fa6a64e839770e629af3c6202c4b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89362
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/ 5 KB
2 KB 50ms
50ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/?random=1727770475857&cv=11&fst=1727770475857&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723623815

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

bbf9677fcbaed11ae4904aac81218802a635075f6b0ce772b9b76b012abd1b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2357
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 723623815
td.doubleclick.net/td/rul/ Frame A482 0
0 56ms
55ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/723623815?random=1727770475857&cv=11&fst=1727770475857&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723623815

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 65ms
65ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f58e1449f7c4fbe34d484b7a884794e61c28e501ca5e62aa009d4d824f645cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86406
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bf.png
a.imgvc.com/i/ 107 B
319 B 95ms
9ms Image
image/png 3.114.202.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.114.202.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-202-197.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d79ae359809479da6c061d5e54722efa2c983b3a42f13b99bc29c6bfdb64735

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin: https://gcxiu.com
Referer: https://gcxiu.com/

Response headers

front-end-https: on
cache-control: max-age=63072000, private
expires: Thu, 01 Oct 2026 08:14:35 GMT
access-control-allow-origin: *
content-length: 107
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: image/png
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx

POST
H2 200 event Show response
log-v4-insight.kaizenplatform.net/kz/insight/ 254 B
476 B 82ms
13ms XHR
application/json 54.65.163.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log-v4-insight.kaizenplatform.net/kz/insight/event
Requested by: Host: cdn.kaizenplatform.net
URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.163.228 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-163-228.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 47833524b991ce077e9a2b65ddef8eb2d583c66e751013023a5e495200a93d01

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache,max-age=0
access-control-allow-credentials: true
expires: Thu, 31 Oct 2024 08:14:35 GMT
access-control-allow-origin: https://gcxiu.com
content-length: 254
p3p: CP="CAO PSA OUR"
date: Tue, 01 Oct 2024 08:14:35 GMT
content-type: application/json
vary: Origin

GET
H2 204 0
bat.bing.com/action/ 0
238 B 23ms
22ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97114338&tm=gtm002&Ver=2&mid=aba8619a-b825-47c9-83b8-0038eebf4814&sid=3220b0507fcd11ef83879977c39d0d5e&vid=3220bda07fcd11efa16615147d00deef&vids=0&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=3036&evt=pageLoad&sv=1&cdb=AQAQ&rn=438960

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 90674379F7C540E9824644B52AE1A74E Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT

GET
H2 204 0
bat.bing.com/action/ 0
238 B 23ms
22ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050327&tm=gtm002&Ver=2&mid=72b8b919-e64d-4653-b468-313cd80eae81&sid=3220b0507fcd11ef83879977c39d0d5e&vid=3220bda07fcd11efa16615147d00deef&vids=0&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=3036&evt=pageLoad&sv=1&cdb=AQAQ&rn=958898

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA3D6FB563C649B49FC0D7E92102BC4A Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT

GET
H2 204 0
bat.bing.com/action/ 0
238 B 22ms
22ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050325&tm=gtm002&Ver=2&mid=5151ef7e-eb27-41fa-89bb-cc87740ac2d0&sid=3220b0507fcd11ef83879977c39d0d5e&vid=3220bda07fcd11efa16615147d00deef&vids=0&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=3036&evt=pageLoad&sv=1&cdb=AQAQ&rn=47530

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4701CD2DC6E4A929D315EC107CE4218 Ref B: TYO201151004034 Ref C: 2024-10-01T08:14:35Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 08:14:35 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 102ms
53ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1727770475578&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfoQ6bqDGIPpoP45uT01y4njkG3U_j-w&random=2221229173&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/709179453/ 42 B
64 B 85ms
42ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/709179453/?random=1727770475578&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfoQ6bqDGIPpoP45uT01y4njkG3U_j-w&random=2221229173&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 101ms
54ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1727770475630&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfGFHMbcxbyXAjNktSwDlK1CqZvgE2dA&random=741018516&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721484514/ 42 B
64 B 85ms
43ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1727770475630&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfGFHMbcxbyXAjNktSwDlK1CqZvgE2dA&random=741018516&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 97ms
49ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1727770475656&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfH3KvP41TY0kQYB2Tt_s5LXNTh9tiZg&random=608039244&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721484514/ 42 B
64 B 85ms
43ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1727770475656&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfH3KvP41TY0kQYB2Tt_s5LXNTh9tiZg&random=608039244&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 2401863046519079 Show response
connect.facebook.net/signals/config/ 35 KB
6 KB 134ms
134ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519079?v=2.9.169&r=stable&domain=gcxiu.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

5dd2fe79734336639eef5babbf1c02cadcaaf6d624d0fc41a67e7aeb1748ac67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=81, mss=1232, tbw=83345, tp=79, tpl=0, uplat=130, ullat=0
pragma: public
x-fb-debug: kBR6Apm0+CuQeOaPrs29cIzLKwbY2qXS1QvMaAJ7ixcXGMLxZtIxPhgnqj579zA3gmJ/oFms6B2R4gdqYFg0Xw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 75ms
48ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1727770475672&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfdonyAchA5_rxxIyYd3H7U7rkHZUnyw&random=3991308786&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/856479406/ 42 B
64 B 62ms
50ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/856479406/?random=1727770475672&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfdonyAchA5_rxxIyYd3H7U7rkHZUnyw&random=3991308786&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 64ms
50ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1727770475710&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfrjnB46RE9abo0K0ky2V353gxNR8RJw&random=3867420097&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721159065/ 42 B
64 B 43ms
42ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721159065/?random=1727770475710&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfrjnB46RE9abo0K0ky2V353gxNR8RJw&random=3867420097&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 51ms
51ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1727770475748&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnflVkcvcg2p8kKp539RdM-fXVUSfEVuA&random=147239616&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721521220/ 42 B
64 B 47ms
47ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721521220/?random=1727770475748&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnflVkcvcg2p8kKp539RdM-fXVUSfEVuA&random=147239616&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 48ms
48ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1727770475827&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfHlja1nMqkd7Z5tAp7FZyjV1A26wvsA&random=2249062466&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/709179453/ 42 B
64 B 45ms
45ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/709179453/?random=1727770475827&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfHlja1nMqkd7Z5tAp7FZyjV1A26wvsA&random=2249062466&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/723623815/ 42 B
64 B 46ms
46ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/723623815/?random=1727770475857&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfOcZOzwvSpu0yVz1YLovkmbuZyv56DA&random=3665607820&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/723623815/ 42 B
64 B 45ms
45ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/723623815/?random=1727770475857&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfOcZOzwvSpu0yVz1YLovkmbuZyv56DA&random=3665607820&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/ 5 KB
2 KB 49ms
48ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/?random=1727770475952&cv=11&fst=1727770475952&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8066c8aba3ffc242097ecc224ce699836686e8877732722fd068e5beebd206dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2365
date: Tue, 01 Oct 2024 08:14:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709209482
td.doubleclick.net/td/rul/ Frame CCA0 0
0 64ms
62ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709209482?random=1727770475952&cv=11&fst=1727770475952&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 12ms
2ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D594307549455110%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fgcxiu.com%26rl%3D%26if%3Dfalse%26ts%3D1727770475920%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1727770475917.268379098152070335%26pm%3D1%26hrl%3D4d5973%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727770475551%26coo%3Dfalse%26cs_cc%3D1%26exp%3Df1&rqm=GET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 137ms
128ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727770475920&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4124&fbp=fb.1.1727770475917.268379098152070335&pm=1&hrl=4d5973&ler=empty&cdl=API_unavailable&it=1727770475551&coo=false&cs_cc=1&exp=f1&rqm=FGET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: LeKd075Jqes/mLCkHTVMuQEcTmVps/Yt0JdfCGgnvmxN6v6NAlFyXPL4wXHCAo1HZzHw21tEKnXjw4Bi+ARfZg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3129, tp=-1, tpl=-1, uplat=125, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/ 5 KB
2 KB 49ms
49ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/?random=1727770475996&cv=11&fst=1727770475996&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

8950b10e398d61c2c824fabe07fc8b03aa16332080ca0f35457abe40feadd43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2367
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 612303449
td.doubleclick.net/td/rul/ Frame 4C77 0
0 69ms
68ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/612303449?random=1727770475996&cv=11&fst=1727770475996&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/ 5 KB
2 KB 49ms
49ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/?random=1727770476036&cv=11&fst=1727770476036&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a4ff4a2e224200c44f48e5f94fcc3fc3c1976b82ad7a5438ce7e29ee03007efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2367
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 942787950
td.doubleclick.net/td/rul/ Frame 5D0B 0
0 55ms
54ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/942787950?random=1727770476036&cv=11&fst=1727770476036&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 5 KB
2 KB 56ms
56ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1727770476074&cv=11&fst=1727770476074&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

3d763c629470c489961eb3a060b28cb8ce25930ec9151976c00e95cc5be860ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2368
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721159065
td.doubleclick.net/td/rul/ Frame C3F3 0
0 62ms
62ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721159065?random=1727770476074&cv=11&fst=1727770476074&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 64ms
64ms Script
application/javascript 142.250.76.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7732039ccec1ef0477d9eefa6fd8c61b8edaf12644d84e6463a891767e5d983a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89369
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 52ms
52ms Script
application/javascript 142.250.76.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3af408e83ac4940bc1afc6ca0a229c744cad5d23a075fb2c6ebf7c48b98fd67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89392
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 53ms
53ms Script
application/javascript 142.250.76.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

96a79368873fdded69380614834f0749dfaaafdd772eae7f52714514dbb42553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 08:14:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89379
x-xss-protection: 0
server: Google Tag Manager

GET e1a190bb-33b2-44de-a1d5-7a93884d72a4
https://gcxiu.com/ Frame 0
0

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/721484514/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIs...
https://www.google.co.jp/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhM...

42 B
64 B

48ms
48ms

Image
image/gif

142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIsY_zy97siAMV-soWBR2nnQQVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfybRXqozbboow8CaRzcyu24f6v179lg&random=1884432140&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1596535564&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIsY_zy97siAMV-soWBR2nnQQVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfybRXqozbboow8CaRzcyu24f6v179lg&random=1884432140&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/721521220/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx...
https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI1J...
https://www.google.co.jp/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI...

42 B
64 B

45ms
44ms

Image
image/gif

142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI1JHzy97siAMV8coWBR2oOiLHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfT8rM2u0Js-weeLey3vZFHNgSyYx2jw&random=82316357&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=857778455&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI1JHzy97siAMV8coWBR2oOiLHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfT8rM2u0Js-weeLey3vZFHNgSyYx2jw&random=82316357&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/856479406/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&pscr...
https://www.google.co.jp/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&ps...

42 B
64 B

45ms
45ms

Image
image/gif

142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&pscrd=IhMIqvzyy97siAMV4cgWBR0kXTZ7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf7Qn_IEHKQHMROdOcTB416x8YSgZO_Q&random=1346989391&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1858946857&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQI&pscrd=IhMIqvzyy97siAMV4cgWBR0kXTZ7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf7Qn_IEHKQHMROdOcTB416x8YSgZO_Q&random=1346989391&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
102 B 168ms
167ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e9c032ea438d989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a178d6a2717071a10acf9f29f671a85d0dd062f6c12fe2976558f3edb60c006320525c703520a360009c2bc3f1e77be26bb25cb43e2913bf05365ac5c7e721bda53e846f497d7de69bb2807ff7ecaa8556d8e0e3143714493d60265a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c75ab1171f88ab7e4148f18fd5fbc4bac102463c6b427783f155eea6499c140ab512585c2e232321932be9f3e51cbc0004b4d11237c52e3912a607819a5e4487c9cb38e56f49d276e0d70f2fdf084ef22ed868143fb30c91a7d3b92b685b4f22a91c2e07bea6c5c88a59c33191382606ba0807735b889b92d9000ff42ac850ade5d899a3ed63227c2cb718d6d9980baf3dde7e0107ef12ae3b8f8200736e8da3090b24ae5451357c54148db85c39092aed56a98649089a58638b63c7122926a3accd9dc4b26cae364e700ea9c00987aaa764e075cdd24ff439cc1a93fe0d776870ce08ccdd66bce01153ca61054523e113eef9e23fa05d48cdf70ebde72fed0748fcca9ee7a8bb7f74f616ec8b11e0495f7085042acace33ef17b9eaa1cbcf232a022f177cc0485508ef762d51035babc8e74686e135f735e0253d3b59e66c01fa5595c157b8be8168ac65c75aaaad5a8a17edeffa6a094f2c4f2484620f84580aa5a6f805f6619df7f5c716cf67bb37719c2e9c97f8b60d7268ab72dcdb80e9b670e2120017b0f9dc0e4d83467549a184095cfd8a7adc9540c82adba7c95d36e7cd9d67f207badd4800233bd3584419e1de1389c15dbcc14fda43587fcd694c03c059ea04614ff2ea7e8a2b704df296d42179e7a424eb0a45d88eb13ca9d9ccd4a9783f54b744c3eba35aa43ca1db0c035842e51650463296deb488f9f3252bb68c7a0f531deca53ed1231f84a1f44e78ad0581aaf10a4ea02c61573401cae3147efb3c52a8f0e2c90850fb38b8cbbd13e850e04664cad294707cbc95302a836e6e2d379da91fe045e7fab763248599e055ae785fc584cc52063d9948448d5c6fa921b30b030a71535159f1f3175d4cc161ec885b694f0b810e233ba7c8a6692cd10ceede4396eb9d352c89fa2a095b0c4c73d428cef3947c27ceb4aef02beb770f1919ac77be4d789bbae0b&cri=qZeSBV7qio&ts=593&cb=1727770476124
Requested by: Host: gcxiu.com
URL: https://gcxiu.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Tue, 01 Oct 2024 08:14:36 GMT
pragma: no-cache
content-type: image/gif

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088130/ 42 B
742 B 58ms
54ms Image
image/gif 182.22.30.220
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088130/?random=1727770476139&cv=9&fst=1727770476139&num=1&fmt=3&guid=ON&disvt=false&eid=466465925%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=cheq_invalidUsers%3Dtrue&frm=0&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.220 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 01 Oct 2024 08:14:36 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088208/ 42 B
742 B 59ms
56ms Image
image/gif 182.22.30.220
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088208/?random=1727770476140&cv=9&fst=1727770476140&num=1&fmt=3&guid=ON&disvt=false&eid=466465925%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=cheq_invalidUsers%3Dtrue&frm=0&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

182.22.30.220 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 01 Oct 2024 08:14:36 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET f4eaad56-cde0-4ae9-9c49-4424ca53bbce
https://gcxiu.com/ Frame 0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/ 5 KB
2 KB 51ms
50ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/?random=1727770476153&cv=11&fst=1727770476153&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

6d7d78790ce47a9f461a18910d2a1a198323b8c2b8c7d4cb73ac2c3bb498cd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2367
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721477044
td.doubleclick.net/td/rul/ Frame 589D 0
0 55ms
54ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721477044?random=1727770476153&cv=11&fst=1727770476153&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 19ms
18ms Fetch
text/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=cheq_invalidUsers&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727770476.3105395&pvid=q6utmzzl7mbm1q5xiza&su=0f3b5cd0-d8e9-467a-ac6f-8fd2dc8ff952&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://gcxiu.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 33ms
32ms Fetch
text/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=cheq_invalidUsers&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727770476.9248955&pvid=q6utmzzl7mbm1q5xiza&su=0f3b5cd0-d8e9-467a-ac6f-8fd2dc8ff952&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://gcxiu.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H3 200 /
www.google.com/pagead/1p-user-list/709209482/ 42 B
64 B 52ms
52ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709209482/?random=1727770475952&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfocoutV0lwneJezFtQM2rloK0ouClDQ&random=2242675225&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/709209482/ 42 B
64 B 45ms
44ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/709209482/?random=1727770475952&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfocoutV0lwneJezFtQM2rloK0ouClDQ&random=2242675225&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/612303449/ 42 B
64 B 49ms
48ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/612303449/?random=1727770475996&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfMRbhg9ZEJCCD-qhD2mk2qtoVNZCF0g&random=4038284943&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/612303449/ 42 B
64 B 46ms
45ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/612303449/?random=1727770475996&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfMRbhg9ZEJCCD-qhD2mk2qtoVNZCF0g&random=4038284943&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 2401863046519070 Show response
connect.facebook.net/signals/config/ 2 KB
1 KB 112ms
112ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519070?v=2.9.169&r=stable&domain=gcxiu.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=86, mss=1232, tbw=89679, tp=88, tpl=0, uplat=109, ullat=0
pragma: public
x-fb-debug: 79DugNAKhtsxnaQbIDnbtOn61q1qYE/pQF/EvZjJCLKYsqpIP4RBNUaX3Vb7wYc+tUyKG8omJZUAcPlxWcliLQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/942787950/ 42 B
64 B 50ms
50ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942787950/?random=1727770476036&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfmd4Sh6LRQ_ghvl4QUbplio0z8EQVXA&random=548462436&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/942787950/ 42 B
64 B 43ms
43ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/942787950/?random=1727770476036&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfmd4Sh6LRQ_ghvl4QUbplio0z8EQVXA&random=548462436&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 53ms
53ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1727770476074&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfRq3iucL4uiK9vvrc9d2Pl35EwvJtuw&random=3218649607&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721159065/ 42 B
64 B 44ms
43ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721159065/?random=1727770476074&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfRq3iucL4uiK9vvrc9d2Pl35EwvJtuw&random=3218649607&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721477044/ 42 B
64 B 50ms
50ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721477044/?random=1727770476153&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfYJruDKtJZ20DZBVNBp_noLYFh7OY5A&random=2558001723&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721477044/ 42 B
64 B 49ms
48ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721477044/?random=1727770476153&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfYJruDKtJZ20DZBVNBp_noLYFh7OY5A&random=2558001723&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 5ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D2401863046519079%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fgcxiu.com%26rl%3D%26if%3Dfalse%26ts%3D1727770476194%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1727770475917.268379098152070335%26pm%3D1%26hrl%3De7e9b9%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727770475551%26coo%3Dfalse%26cs_cc%3D1%26cas%3D7469710046409932%26exp%3Df3&events[1]=id%3D2401863046519079%26ev%3DCompleteRegistration%26dl%3Dhttps%253A%252F%252Fgcxiu.com%26rl%3D%26if%3Dfalse%26ts%3D1727770476195%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D1%26o%3D4124%26fbp%3Dfb.1.1727770475917.268379098152070335%26pm%3D1%26hrl%3Decdf13%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727770475551%26coo%3Dfalse%26tm%3D1%26cs_cc%3D1%26cas%3D6234696556613005%26exp%3Df3&rqm=GET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6331, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
270 B 130ms
129ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727770476194&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4124&fbp=fb.1.1727770475917.268379098152070335&pm=1&hrl=e7e9b9&ler=empty&cdl=API_unavailable&it=1727770475551&coo=false&cs_cc=1&cas=7469710046409932&exp=f3&rqm=FGET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: H6/5wALurdzTAxtMlZptbYO7iYoEOmhCjmGRH/AKlKKolht1s2PdEUxNvXu19Ic/MPl3TYDtv799z8FcZLiWLw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6476, tp=-1, tpl=-1, uplat=126, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
279 B 132ms
131ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727770476195&sw=1600&sh=1200&v=2.9.169&r=stable&ec=1&o=4124&fbp=fb.1.1727770475917.268379098152070335&pm=1&hrl=ecdf13&ler=empty&cdl=API_unavailable&it=1727770475551&coo=false&tm=1&cs_cc=1&cas=6234696556613005&exp=f3&rqm=FGET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: +1G8N8rqZCe0WEX4coEAjfctAh0A/K25nwRjTb1St+7K3q/6szxgogqlRdQzRh8tm239evW1yFJYWt7cCLt7Sg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6768, tp=-1, tpl=-1, uplat=128, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 5 KB
2 KB 52ms
52ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1727770476233&cv=11&fst=1727770476233&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

55fc4df3080fb99641bccc260487eab026dbbf6be1154d46eb58e20ea78dd05c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2373
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721521220
td.doubleclick.net/td/rul/ Frame 00B2 0
0 53ms
53ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1727770476233&cv=11&fst=1727770476233&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721521220/ 6 KB
3 KB 52ms
51ms Script
text/javascript 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721521220/?random=1727770476261&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ad56b2d9b81d26d38ec87b5707501548910da39c816d97e383acd0ea29c8e11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2692
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721521220
td.doubleclick.net/td/rul/ Frame D9FF 0
0 54ms
53ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1727770476261&cv=11&fst=1727770476261&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 5 KB
2 KB 55ms
55ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1727770476285&cv=11&fst=1727770476285&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

a9458bf1523fa2950031e8ecbea1452ad9929edd5b2e572948b776fe0eb80315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2376
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 856479406
td.doubleclick.net/td/rul/ Frame D50B 0
0 57ms
56ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1727770476285&cv=11&fst=1727770476285&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/856479406/ 5 KB
3 KB 51ms
50ms Script
text/javascript 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/856479406/?random=1727770476312&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

97f41f12e9390a948c53710e1ea1fdf06bb8a064a2f055f8113e9aed0f9090dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2664
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 856479406
td.doubleclick.net/td/rul/ Frame 086A 0
0 58ms
57ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1727770476312&cv=11&fst=1727770476312&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 52ms
52ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1727770476331&cv=11&fst=1727770476331&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

0acb584bff8bb82cb0d35b4a87c4bd7f92caeb26abdcb936f8e74261ba671b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2369
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721484514
td.doubleclick.net/td/rul/ Frame A6A1 0
0 59ms
59ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727770476331&cv=11&fst=1727770476331&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721484514/ 6 KB
3 KB 53ms
53ms Script
text/javascript 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721484514/?random=1727770476358&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

dac6dd6bfc5f3d921389d13a0ecaef2b21cd75b6be3677eb057639c05b7f8c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2661
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721484514
td.doubleclick.net/td/rul/ Frame 2655 0
0 58ms
58ms Document
text/html 142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727770476358&cv=11&fst=1727770476358&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gcxiu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 08:14:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 49ms
49ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1727770476233&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfiWn3IOIT1FweuXCEyjaDbePZSP6A5g&random=22727773&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721521220/ 42 B
64 B 46ms
46ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721521220/?random=1727770476233&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfiWn3IOIT1FweuXCEyjaDbePZSP6A5g&random=22727773&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/721521220/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1...
https://www.google.com/pagead/1p-conversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=1016...
https://www.google.co.jp/pagead/1p-conversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=10...

42 B
64 B

52ms
51ms

Image
image/gif

142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjJ74y97siAMVXcgWBR3iojuxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck9wRTVKTG1YWlNhRmw5dXJGa1pSenV1LVA5d29faGE0SGJvbENHaVM0REh1OU01R1NIekpGWQ&is_vtc=1&cid=CAQSGwDpaXnf5TYeg0lWZgsvWWyYIWrOlLwIw80Kkg&random=4016502767&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/721521220/?random=261652987&cv=11&fst=1727770476261&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIjJ74y97siAMVXcgWBR3iojuxMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck9wRTVKTG1YWlNhRmw5dXJGa1pSenV1LVA5d29faGE0SGJvbENHaVM0REh1OU01R1NIekpGWQ&is_vtc=1&cid=CAQSGwDpaXnf5TYeg0lWZgsvWWyYIWrOlLwIw80Kkg&random=4016502767&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 53ms
52ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1727770476285&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcAd5Z-a0dIF8ynwZ6odZBt82JW75iw&random=1520998357&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/856479406/ 42 B
64 B 42ms
42ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/856479406/?random=1727770476285&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcAd5Z-a0dIF8ynwZ6odZBt82JW75iw&random=1520998357&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/856479406/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l...
https://www.google.com/pagead/1p-conversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101...
https://www.google.co.jp/pagead/1p-conversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=1...

42 B
64 B

53ms
52ms

Image
image/gif

142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIkcmxAiIBAkondHJpZ2dlciwgZXZlbnQtc291cmNlO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIgLL7y97siAMVAt0WBR06KTcrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJVU2VmMHl3aUEwOVphaE1mUG1Pd1ZFSVV3Q0F4dVNFcFY3WGdjTFVQZDQ0NGNwa1JkT1UtOA&is_vtc=1&cid=CAQSGwDpaXnf-Ln8Ay_DOkZdiutD6ml0nBB7MLBiew&random=3258616236&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/856479406/?random=1547059246&cv=11&fst=1727770476312&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIkcmxAiIBAkondHJpZ2dlciwgZXZlbnQtc291cmNlO25hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIgLL7y97siAMVAt0WBR06KTcrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJVU2VmMHl3aUEwOVphaE1mUG1Pd1ZFSVV3Q0F4dVNFcFY3WGdjTFVQZDQ0NGNwa1JkT1UtOA&is_vtc=1&cid=CAQSGwDpaXnf-Ln8Ay_DOkZdiutD6ml0nBB7MLBiew&random=3258616236&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 53ms
52ms Image
image/gif 172.217.25.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1727770476331&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfKt9kRWWsVeXOYlJtWpQtkJ0nSgiOTg&random=4053356666&rmt_tld=0&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/721484514/ 42 B
64 B 40ms
40ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/721484514/?random=1727770476331&cv=11&fst=1727769600000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfKt9kRWWsVeXOYlJtWpQtkJ0nSgiOTg&random=4053356666&rmt_tld=1&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 4ms
4ms Image
text/plain 157.240.31.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D594307549455110%26ev%3DCHEQ%26dl%3Dhttps%253A%252F%252Fgcxiu.com%26rl%3D%26if%3Dfalse%26ts%3D1727770476374%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D1%26o%3D4124%26fbp%3Dfb.1.1727770475917.268379098152070335%26pm%3D1%26hrl%3Dcf4c5f%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727770475551%26coo%3Dfalse%26cs_cc%3D1%26exp%3Df3&events[1]=id%3D2401863046519079%26ev%3DCHEQ%26dl%3Dhttps%253A%252F%252Fgcxiu.com%26rl%3D%26if%3Dfalse%26ts%3D1727770476375%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D2%26o%3D4124%26fbp%3Dfb.1.1727770475917.268379098152070335%26pm%3D1%26hrl%3Daadb5d%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727770475551%26coo%3Dfalse%26cs_cc%3D1%26cas%3D24333884979543306%26exp%3Df3&events[2]=id%3D2401863046519070%26ev%3DCHEQ%26dl%3Dhttps%253A%252F%252Fgcxiu.com%252Flogin.jsp%26rl%3D%26if%3Dfalse%26ts%3D1727770476375%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D0%26o%3D28%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727770475551%26coo%3Dfalse%26exp%3Df3&rqm=GET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4739, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 104ms
104ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727770476374&sw=1600&sh=1200&v=2.9.169&r=stable&ec=1&o=4124&fbp=fb.1.1727770475917.268379098152070335&pm=1&hrl=cf4c5f&ler=empty&cdl=API_unavailable&it=1727770475551&coo=false&cs_cc=1&exp=f3&rqm=FGET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: JCSPG2c5t5XG1yPh6aZn6TbXlHvyPUFFvNW2RySPZ/MVuqQvsFH3bOI1LhrD5W+l5W72sna6bO6+n7t0nUU2iQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=8499, tp=21, tpl=0, uplat=97, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 106ms
105ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727770476375&sw=1600&sh=1200&v=2.9.169&r=stable&ec=2&o=4124&fbp=fb.1.1727770475917.268379098152070335&pm=1&hrl=aadb5d&ler=empty&cdl=API_unavailable&it=1727770475551&coo=false&cs_cc=1&cas=24333884979543306&exp=f3&rqm=FGET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: tZczs41CtV3UqD/WH6txsGiQqsF+HkjVjQuLxI+pnDN2y/hm8Id22ah1vMm6sDzzTp8yXNHeOF4bZ0/LZrBcTw==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5107, tp=17, tpl=0, uplat=96, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
190 B 109ms
108ms Image
image/png 157.240.31.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rl=&if=false&ts=1727770476375&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1727770475551&coo=false&exp=f3&rqm=FGET

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 08:14:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: xy8RqaBLA1SPhAFpkwibNxtsNVuxc3tNyp3aZpLl44V5ZR3t43u9LGeHS8KSAxoFcHNYDewQkQDeWr98jJV8hA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=9315, tp=22, tpl=0, uplat=97, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0

GET
H3

200

/
www.google.co.jp/pagead/1p-conversion/721484514/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&ta...
https://www.google.com/pagead/1p-conversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~10168...
https://www.google.co.jp/pagead/1p-conversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101...

42 B
64 B

51ms
50ms

Image
image/gif

142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-conversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI86b-y97siAMVicwWBR1dES_HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck5CelFIUXNOSnFjUFZyTDM1TTFaLWdYc2gwVVN5d2RzcWZzSlU5NFpzdlNXWE9KUWZtWDVGSQ&is_vtc=1&cid=CAQSGwDpaXnfi3ENW0XGf7kamh76Ov5MinHJ_Rodsw&random=1282721030&ipr=y

Requested by

Host: gcxiu.com
URL: https://gcxiu.com/login.jsp

Protocol

Server

142.251.42.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-conversion/721484514/?random=107840889&cv=11&fst=1727770476358&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1553927301.1727770475&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=2&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECIgECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI86b-y97siAMVicwWBR1dES_HMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck5CelFIUXNOSnFjUFZyTDM1TTFaLWdYc2gwVVN5d2RzcWZzSlU5NFpzdlNXWE9KUWZtWDVGSQ&is_vtc=1&cid=CAQSGwDpaXnfi3ENW0XGf7kamh76Ov5MinHJ_Rodsw&random=1282721030&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 08:14:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 favicon.ico
gcxiu.com/style/img/ 7 KB
7 KB 187ms
186ms Other
image/x-icon 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gcxiu.com/style/img/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: a73b8750f14482e6ccfd7c3b227a7019714160a3be1a85dc45fdc145d30dfe1c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer: https://gcxiu.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 7358
date: Tue, 01 Oct 2024 08:14:35 GMT
etag: W/"7358-1727678886000"
last-modified: Mon, 30 Sep 2024 06:48:06 GMT
content-type: image/x-icon
server: Apache

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
141 B 179ms
177ms XHR
application/json 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded
Referer: https://gcxiu.com/

Response headers

access-control-allow-origin: https://gcxiu.com
content-length: 0
date: Tue, 01 Oct 2024 08:14:37 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
16 B 169ms
167ms XHR
application/json 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded
Referer: https://gcxiu.com/

Response headers

access-control-allow-origin: https://gcxiu.com
content-length: 0
date: Tue, 01 Oct 2024 08:14:37 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gcxiu.com
URL: blob:https://gcxiu.com/e1a190bb-33b2-44de-a1d5-7a93884d72a4

Domain: gcxiu.com
URL: blob:https://gcxiu.com/f4eaad56-cde0-4ae9-9c49-4424ca53bbce

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au Jibun Bank (Financial)

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gcxiu.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8CAC97BBEC4F35F417BAC85B935C7E4E
gcxiu.com/	1970-01-21 09:22:05	Name: _pk_id.1077564906.5102 Value: 81163b029e42f2c7.1727770470.1.1727770470.1727770470.
gcxiu.com/	1970-01-20 23:56:12	Name: _pk_ses.1077564906.5102 Value: *
.fraud-alert.net/	1970-01-21 08:41:46	Name: caulisCookie Value: 1105770775766462466
.gcxiu.com/	1970-01-21 02:05:46	Name: _gcl_au Value: 1.1.1553927301.1727770475
.gcxiu.com/	1970-01-21 08:41:46	Name: _yjsu_yjad Value: 1727770475.0f3b5cd0-d8e9-467a-ac6f-8fd2dc8ff952
.gcxiu.com/	1970-01-21 09:32:10	Name: __lt__cid Value: 5815ccb4-e1af-4022-8cae-eb3e4f2291ca
.gcxiu.com/	1970-01-20 23:56:12	Name: __lt__sid Value: 1e238657-17de0608
gcxiu.com/	1970-01-21 09:32:10	Name: snexid Value: 6c4c919c-1f60-40c2-b4d9-c7cca3879091
.line.me/	1970-01-21 09:32:10	Name: _ldbrbid Value: tr__k1y/XGb7r2tVxwFHiDd7Ag==
.yahoo.co.jp/	1970-01-21 08:41:46	Name: XA Value: 0bpb8t9jfnbrb&sd=A&t=1727770475&u=1727770475&v=1
.yahoo.co.jp/	1970-01-21 09:32:10	Name: XB Value: 31e9106e-7fcd-11ef-8c03-45fb458c92a2&v=6&u=1727770475&s=8v
i.smartnews-ads.com/	1970-01-21 00:06:15	Name: AWSALBTGCORS Value: IrSewjdV+yn1NXfc/q+cflT7eEGgBFJ1YyHymo5fqQSp74EqPtJeLBhB2zQ3P0Bho+vMTLrOZTvF2S8aR8g/Wpi8o7FBAnzGJ+/dollJvswCaCkYmH5e8lu9u8HbakIF7JVwGtVqcCbdyW2lAm/VvtRJ1goSEWoiIanyewICt/mVBEiBnK4=
.gcxiu.com/	1970-01-21 02:07:34	Name: _cq_duid Value: 1.1727770475.7UWnvhKWApMGMh1U
.gcxiu.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1727770475.j4BHJKI481vPx2ql
.doubleclick.net/	1970-01-20 23:56:11	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 09:17:46	Name: MUID Value: 2B33FC51986F6374297AE95A996A628F
.bat.bing.com/	1970-01-21 00:06:15	Name: MR Value: 0
.gcxiu.com/	1969-12-31 23:59:59	Name: _kys Value: QEkRB7FDj57YAA_.gcxiu.com
.gcxiu.com/	1970-01-20 23:57:36	Name: _uetsid Value: 3220b0507fcd11ef83879977c39d0d5e
.gcxiu.com/	1970-01-21 09:17:46	Name: _uetvid Value: 3220bda07fcd11efa16615147d00deef
.gcxiu.com/	1970-01-21 02:05:46	Name: _fbp Value: fb.1.1727770475917.268379098152070335
.bing.com/	1970-01-21 09:17:46	Name: MSPTC Value: M2oBvTD5PndRYV9tbpgtKchRwVDNxDyOndwasf6-vEc
obs.segreencolumn.com/	1970-01-21 08:00:00	Name: cg_uuid Value: c7cd13c90a1a854272206dabe34f42da
.gcxiu.com/	1970-01-21 09:32:10	Name: _kyp Value: QEkQBhnPEovq5SMHCiVkYt29KeqLCYJdB7Q8romoGm0Ez+f5i0FG6EnCEnKXJI5Kethgl0HtDyrcRJFA_.gcxiu.com+eh+gcxiu.com

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://gcxiu.com/login.jsp Message: [DOM] Found 2 elements with non-unique id #pressedButtonId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://gcxiu.com/login.jsp Message: [DOM] Found 2 elements with non-unique id #screenId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://gcxiu.com/login.jsp Message: [DOM] Found 2 elements with non-unique id #viewName: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://gcxiu.com/login.jsp Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
worker	verbose	URL: blob:https://gcxiu.com/e1a190bb-33b2-44de-a1d5-7a93884d72a4(Line 1) Message: Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
apm.yahoo.co.jp
b99.yahoo.co.jp
bat.bing.com
cdn.kaizenplatform.net
cdn.smartnews-ads.com
connect.facebook.net
d.line-scdn.net
gcxiu.com
googleads.g.doubleclick.net
i.smartnews-ads.com
i6.smartnews-ads.com
log-v4-insight.kaizenplatform.net
ob.segreencolumn.com
obs.segreencolumn.com
p.fraud-alert.net
s.yimg.jp
seal.digicert.com
static.fraud-alert.net
td.doubleclick.net
tk.csolution.jp
tr.line.me
trj.valuecommerce.com
www.facebook.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
gcxiu.com
118.215.185.125
124.83.185.124
13.225.183.44
13.251.181.147
142.250.196.98
142.250.206.194
142.250.76.130
142.250.76.136
142.251.42.163
147.92.191.92
154.91.176.218
157.240.31.35
157.240.31.5
172.217.25.164
182.22.28.252
182.22.30.220
23.40.192.29
23.62.185.138
2404:6800:4004:81f::2002
2404:6800:4004:826::2008
2600:140b:1a00:7a6::322
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:208e:dc00:18:82c:9d80:93a1
2600:9000:20e4:1a00:18:15b9:5a80:93a1
2600:9000:26a7:5200:10:3572:e540:93a1
2620:1ec:33:1::10
2a03:2880:f10f:83:face:b00c:0:25de
3.114.202.197
3.164.110.102
52.198.29.63
54.65.163.228
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0acb584bff8bb82cb0d35b4a87c4bd7f92caeb26abdcb936f8e74261ba671b56
105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8
14524dd539fcc2ffd55d6b2296fa21eb821962d0b0b38e132a3872fa68469407
18feb6ecb24ef112ba8662cb6227b45ba57f716feb9cce74e328808b3d64ff7a
1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49
275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e
2c767b9f6eeaaeb265ad99d629755322e207a8246cbedf69e4894b005bad58b9
36764538475ed686e610797186c270c6613158a82d8ee661fe062164cc2fc3d8
3af408e83ac4940bc1afc6ca0a229c744cad5d23a075fb2c6ebf7c48b98fd67e
3cee19a70b9a42c623fa521a6f6dec0c92621af0837c0aea8af577d765305161
3d763c629470c489961eb3a060b28cb8ce25930ec9151976c00e95cc5be860ac
3d79ae359809479da6c061d5e54722efa2c983b3a42f13b99bc29c6bfdb64735
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41bff8273586283bac1a552096b7ec5d2ea54d22e56d313847a474cb98e497d8
47833524b991ce077e9a2b65ddef8eb2d583c66e751013023a5e495200a93d01
4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8
4f58e1449f7c4fbe34d484b7a884794e61c28e501ca5e62aa009d4d824f645cc
509666e9a89868dcf3726ac352ec4cf979c876074fd29f33db4910cccc60be25
51ae2f5a753c96b5c70779481552f3636df036952791a90c7853af58c73a35f9
55fc4df3080fb99641bccc260487eab026dbbf6be1154d46eb58e20ea78dd05c
5730c20f4c59d43a6ee22a2e1e2105c4df653fa049365493ff3ae59681617bc9
57e4fab3e926d0392dfc236b18cc28628abf957efe96c5d5a592b617ec108a90
58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6
58e6a3e299903aec7e2f86ca4a1ffe3d1b735fe5b9ec134b8aa235fb5c14f6f7
5db6af7eeb8db4d129f28994aea29b99381c0f5ad165145eb33a11466cbfbad7
5dd2fe79734336639eef5babbf1c02cadcaaf6d624d0fc41a67e7aeb1748ac67
60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899
68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a
6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d
6d7d78790ce47a9f461a18910d2a1a198323b8c2b8c7d4cb73ac2c3bb498cd1b
6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c
72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc
7732039ccec1ef0477d9eefa6fd8c61b8edaf12644d84e6463a891767e5d983a
79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4
7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba
7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd
8066c8aba3ffc242097ecc224ce699836686e8877732722fd068e5beebd206dd
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
8950b10e398d61c2c824fabe07fc8b03aa16332080ca0f35457abe40feadd43a
91abd6dde757fc8d88ec57bb9a16916c79bac9686f4df63278e5cdc2e40913a5
92ecd16fb9172548717e5c6711cfaf1db2fa6a64e839770e629af3c6202c4b51
957e9a8afc16d61e09074aae12ff0c72d7bc818b088acf6c91b95fc201163250
9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1
96a79368873fdded69380614834f0749dfaaafdd772eae7f52714514dbb42553
97f41f12e9390a948c53710e1ea1fdf06bb8a064a2f055f8113e9aed0f9090dd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f
a4ff4a2e224200c44f48e5f94fcc3fc3c1976b82ad7a5438ce7e29ee03007efd
a73b8750f14482e6ccfd7c3b227a7019714160a3be1a85dc45fdc145d30dfe1c
a9458bf1523fa2950031e8ecbea1452ad9929edd5b2e572948b776fe0eb80315
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad56b2d9b81d26d38ec87b5707501548910da39c816d97e383acd0ea29c8e11b
af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f
b82cfc9414a9ba84ada5d2536b92138069c4eb1a8bdcdf39f3aa44541f48c495
b974b15d71b864c662cbf4b7ec851f7627338a1dbebf641c04a1a9c85e7b606d
bbf9677fcbaed11ae4904aac81218802a635075f6b0ce772b9b76b012abd1b03
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0
cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002
cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d76e527fa361e2dd9d637cb1757bc92f4ca12efb6447fb3f74235f239e7bc67a
d7719bc0835cef0ccd9589d84af843378288ca574b7fac7633794c8a1e369154
d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41
d8c060726a532ebef5758c585eae111b4d0f26232911c39ef68922e1e19f508c
dac6dd6bfc5f3d921389d13a0ecaef2b21cd75b6be3677eb057639c05b7f8c53
dc851eb54c6e8bb87d0650e2e30e767b97ec10f34f87efe1e019e1a94b2d0538
e138b0b6f3a1ef325da049dbf9b8f25d068ff914ecdfc4c5656b8e4fd3cfb42c
e15c03afbe9c07a6604f3fb95c8671c972fc3adf4a7aa86bb96d034385499d2b
e34e8bda8eca4f79e97d123a12b45186e4a8570a735f994c8360acd569673bf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f298fc5b7d772c00a37ec87f3e1591636d7c806e9fe7b60d949d7935a1b33da1
f3310269d49fadc8992211db70e4f0c643a1d18de29a950ab997664d9dab934d
faa3e3dda438c6d861dd2b0ffd95d135c5638fc51d8c982286aa48a87a0eabf0
fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9

gcxiu.com Open in urlscan Pro 154.91.176.218 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

172 Requests

82 %HTTPS

29 %IPv6

21 Domains

28 Subdomains

32 IPs

5 Countries

4289 kBTransfer

7519 kBSize

25 Cookies

7 Outgoing links

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gcxiu.com Open in urlscan Pro
154.91.176.218 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

82 %
HTTPS

29 %
IPv6

21
Domains

28
Subdomains

32
IPs

5
Countries

4289 kB
Transfer

7519 kB
Size

25
Cookies

172 HTTP transactions
0 data transactions