gemforex.com Open in urlscan Pro
23.45.50.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.adspop.me/sp=1&to=b22f0e9abd0fc16f3e248eb34f10c799f34607d4
Effective URL:
https://gemforex.com/campaign.php
Submission: On February 02 via manual (February 2nd 2023, 8:18:42 am UTC) from US — Scanned from JP

Summary HTTP 239 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 46 domains to perform 239 HTTP transactions. The main IP is 23.45.50.243, located in United States and belongs to AKAMAI-ASN1, NL. The main domain is gemforex.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 6th 2022. Valid for: a year.

This is the only time gemforex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	2606:4700:303... 2606:4700:3035::6815:275c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:9005	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700:303... 2606:4700:3035::6815:4d1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4004:826::200a	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81e::2008	15169 (GOOGLE) (GOOGLE)
1 7	2404:6800:400... 2404:6800:4004:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a05:22c7:1:2... 2a05:22c7:1:2140::194	42567 (MOJHOST-EU) (MOJHOST-EU)
62	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
1 2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
1 1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	13.115.235.46 13.115.235.46	16509 (AMAZON-02) (AMAZON-02)
1 55	23.45.50.243 23.45.50.243	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:81d::200e	15169 (GOOGLE) (GOOGLE)
3	183.79.219.124 183.79.219.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1	219.94.163.101 219.94.163.101	9371 (SAKURA-C ...) (SAKURA-C SAKURA Internet Inc.)
1	2404:6800:400... 2404:6800:4004:827::200a	15169 (GOOGLE) (GOOGLE)
12	222.230.178.33 222.230.178.33	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
2	2400:52e0:150... 2400:52e0:1501::1064:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2600:9000:222... 2600:9000:2224:6200:1e:513c:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	183.79.255.12 183.79.255.12	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
4	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	143.204.122.53 143.204.122.53	16509 (AMAZON-02) (AMAZON-02)
2	210.152.82.21 210.152.82.21	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
1 4	54.238.247.89 54.238.247.89	16509 (AMAZON-02) (AMAZON-02)
1	203.137.177.25 203.137.177.25	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	2404:6800:400... 2404:6800:4004:812::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81e::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f10... 2a03:2880:f10f:187:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	143.204.126.45 143.204.126.45	16509 (AMAZON-02) (AMAZON-02)
2	2600:140b:2::... 2600:140b:2::172c:3392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:140b:400... 2600:140b:400::172d:3323	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
2 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	103.231.99.80 103.231.99.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	104.254.148.252 104.254.148.252	29990 (ASN-APPNEX) (ASN-APPNEX)
2	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2	13.230.11.0 13.230.11.0	16509 (AMAZON-02) (AMAZON-02)
3 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 3	35.213.109.249 35.213.109.249	15169 (GOOGLE) (GOOGLE)
2	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2	202.241.208.55 202.241.208.55	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 4	13.115.198.155 13.115.198.155	16509 (AMAZON-02) (AMAZON-02)
2	54.92.23.157 54.92.23.157	16509 (AMAZON-02) (AMAZON-02)
2	141.226.231.48 141.226.231.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	13.113.86.10 13.113.86.10	16509 (AMAZON-02) (AMAZON-02)
2	222.230.178.129 222.230.178.129	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
2	38.133.127.95 38.133.127.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	35.201.98.24 35.201.98.24	15169 (GOOGLE) (GOOGLE)
2	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2 4	103.71.26.126 103.71.26.126	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
2	13.32.50.107 13.32.50.107	16509 (AMAZON-02) (AMAZON-02)
5	2600:140b:1a0... 2600:140b:1a00:d::17d2:1a36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
239	53

5 2606:4700:3035::6815:275c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

go.adspop.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trac.adspop.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9005 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trac.adspop.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3035::6815:4d1a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

short.adnet.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:826::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81e::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:80a::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:22c7:1:2140::194 (Netherlands)

ASN42567 (MOJHOST-EU, NL)

go.ero-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Huizen, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.optimizesrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Huizen, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s.optnx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.235.46 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-235-46.ap-northeast-1.compute.amazonaws.com

ap.octopuspop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 23.45.50.243 (United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-50-243.deploy.static.akamaitechnologies.com

gemforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81d::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 183.79.219.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b92.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 219.94.163.101 (Japan)

ASN9371 (SAKURA-C SAKURA Internet Inc., JP)
PTR: www1491.sakura.ne.jp

shaken.autospirit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 222.230.178.33 (Asahikawa, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

rt.gsspat.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
genieedmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1501::1064:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

js.octopuspop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2224:6200:1e:513c:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

taj1.ebis.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.79.255.12 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b97.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.122.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-122-53.nrt20.r.cloudfront.net

cd.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.152.82.21 (Kitakyushu, Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-152-82-21.candela.jp-east-2.compute.idcfcloud.net

ac.miraku.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.238.247.89 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-247-89.ap-northeast-1.compute.amazonaws.com

px.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.137.177.25 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 203-137-177-25.jp-east-2.compute.idcfcloud.com

ac.afi-thor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::200a (Australia)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81e::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10f:187:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.126.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-45.nrt20.r.cloudfront.net

um.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:2::172c:3392 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:400::172d:3323 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.80 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.148.252 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.230.11.0 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-11-0.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.109.249 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com

y.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

ssl.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.115.198.155 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-198-155.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.23.157 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-23-157.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.231.48 (Hong Kong)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.113.86.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-86-10.ap-northeast-1.compute.amazonaws.com

ad.caprofitx.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 222.230.178.129 (Asahikawa, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.133.127.95 (United States)

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.98.24 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 24.98.201.35.bc.googleusercontent.com

sp.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

discoveryplus.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.71.26.126 (Singapore) 2 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.50.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-107.nrt57.r.cloudfront.net

as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:140b:1a00:d::17d2:1a36 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

b6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
55	gemforex.com 1 redirects gemforex.com	2 MB
11	gsspat.jp rt.gsspat.jp — Cisco Umbrella Rank: 64487	5 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 2636 clients1.google.com — Cisco Umbrella Rank: 431	170 KB
8	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 33151 audiencedata.im-apps.net — Cisco Umbrella Rank: 46109 b6.im-apps.net — Cisco Umbrella Rank: 136276	6 KB
8	ladsp.com 1 redirects cd.ladsp.com — Cisco Umbrella Rank: 87671 px.ladsp.com — Cisco Umbrella Rank: 104140 um.ladsp.com — Cisco Umbrella Rank: 172667	17 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 ajax.googleapis.com — Cisco Umbrella Rank: 295 www.googleapis.com — Cisco Umbrella Rank: 25	123 KB
7	adnet.cash 1 redirects short.adnet.cash	173 KB
6	adspop.me 3 redirects go.adspop.me — Cisco Umbrella Rank: 900880 trac.adspop.me — Cisco Umbrella Rank: 944975	68 KB
4	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 660	2 KB
4	adtdp.com ad.caprofitx.adtdp.com — Cisco Umbrella Rank: 174456 as.amanad.adtdp.com — Cisco Umbrella Rank: 5396	3 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	825 B
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	4 KB
4	openx.net 2 redirects jp-u.openx.net — Cisco Umbrella Rank: 13962	833 B
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	199 KB
4	yahoo.co.jp b92.yahoo.co.jp — Cisco Umbrella Rank: 35879 b97.yahoo.co.jp — Cisco Umbrella Rank: 25505 am.yahoo.co.jp — Cisco Umbrella Rank: 26407	25 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	40 KB
3	impact-ad.jp 1 redirects y.one.impact-ad.jp — Cisco Umbrella Rank: 3319	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	256 B
3	octopuspop.com 1 redirects ap.octopuspop.com — Cisco Umbrella Rank: 280104 js.octopuspop.com — Cisco Umbrella Rank: 348775	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	145 KB
2	popin.cc discoveryplus.popin.cc — Cisco Umbrella Rank: 94043	938 B
2	gmossp-sp.jp sp.gmossp-sp.jp — Cisco Umbrella Rank: 85509	791 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 720
2	gssprt.jp cs.gssprt.jp — Cisco Umbrella Rank: 41279	891 B
2	taboola.com sync.taboola.com — Cisco Umbrella Rank: 919	459 B
2	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 3511	819 B
2	socdm.com ssl.socdm.com — Cisco Umbrella Rank: 197848	2 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 308	2 KB
2	ad-stir.com sync.ad-stir.com — Cisco Umbrella Rank: 4422	715 B
2	microad.jp s-cs.send.microad.jp — Cisco Umbrella Rank: 85630	1 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 665	688 B
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 21812	638 B
2	miraku.work ac.miraku.work	13 KB
2	optimizesrv.com 1 redirects syndication.optimizesrv.com — Cisco Umbrella Rank: 505001	2 KB
1	afi-thor.com ac.afi-thor.com	56 KB
1	ebis.ne.jp taj1.ebis.ne.jp — Cisco Umbrella Rank: 190848	8 KB
1	genieedmp.com genieedmp.com — Cisco Umbrella Rank: 221020	1 KB
1	autospirit.net shaken.autospirit.net	524 B
1	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 10657	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	19 KB
1	optnx.com 1 redirects s.optnx.com — Cisco Umbrella Rank: 24601	1 KB
1	ero-advertising.com go.ero-advertising.com — Cisco Umbrella Rank: 433526	3 KB
0	eabids.com Failed static.eabids.com Failed
239	46

	Domain	Requested by
62	fonts.gstatic.com	fonts.googleapis.com
55	gemforex.com	1 redirects syndication.optimizesrv.com gemforex.com
11	rt.gsspat.jp	gemforex.com genieedmp.com trac.adspop.me
7	www.google.com	1 redirects short.adnet.cash cse.google.com gemforex.com www.google.com
7	short.adnet.cash	1 redirects short.adnet.cash
5	b6.im-apps.net	gemforex.com
5	fonts.googleapis.com	short.adnet.cash gemforex.com
5	trac.adspop.me	2 redirects trac.adspop.me
4	sync.search.spotxchange.com	2 redirects um.ladsp.com
4	ups.analytics.yahoo.com	2 redirects um.ladsp.com
4	ib.adnxs.com	2 redirects um.ladsp.com
4	jp-u.openx.net	2 redirects um.ladsp.com
4	px.ladsp.com	1 redirects gemforex.com um.ladsp.com
4	connect.facebook.net	gemforex.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gemforex.com
3	y.one.impact-ad.jp	1 redirects um.ladsp.com
3	x.bidswitch.net	3 redirects
3	www.facebook.com	gemforex.com
3	www.googletagmanager.com	short.adnet.cash gemforex.com
2	as.amanad.adtdp.com	um.ladsp.com
2	discoveryplus.popin.cc	um.ladsp.com
2	sp.gmossp-sp.jp	um.ladsp.com
2	sync.outbrain.com	um.ladsp.com
2	cs.gssprt.jp	um.ladsp.com
2	ad.caprofitx.adtdp.com	um.ladsp.com
2	sync.taboola.com	um.ladsp.com
2	cs.adingo.jp	um.ladsp.com
2	ssl.socdm.com	um.ladsp.com
2	pixel.rubiconproject.com	um.ladsp.com
2	sync.ad-stir.com	um.ladsp.com
2	s-cs.send.microad.jp	um.ladsp.com
2	simage2.pubmatic.com	um.ladsp.com
2	cm.g.doubleclick.net	2 redirects
2	dmp.im-apps.net	rt.gsspat.jp dmp.im-apps.net
2	um.ladsp.com	px.ladsp.com
2	www.google.co.jp	gemforex.com
2	googleads.g.doubleclick.net	www.googletagmanager.com gemforex.com
2	ac.miraku.work	gemforex.com ac.miraku.work
2	cd.ladsp.com	gemforex.com
2	b97.yahoo.co.jp	s.yimg.jp gemforex.com
2	js.octopuspop.com	gemforex.com js.octopuspop.com
2	cse.google.com	gemforex.com www.google.com
2	syndication.optimizesrv.com	1 redirects
1	audiencedata.im-apps.net	dmp.im-apps.net
1	clients1.google.com	gemforex.com
1	www.googleapis.com	gemforex.com
1	ac.afi-thor.com	gemforex.com
1	am.yahoo.co.jp	b92.yahoo.co.jp
1	taj1.ebis.ne.jp	gemforex.com
1	genieedmp.com	gemforex.com
1	ajax.googleapis.com	gemforex.com
1	shaken.autospirit.net	gemforex.com
1	b92.yahoo.co.jp	gemforex.com
1	s.yimg.jp	gemforex.com
1	cdnjs.cloudflare.com	gemforex.com
1	ap.octopuspop.com	1 redirects
1	s.optnx.com	1 redirects
1	www.gstatic.com	www.google.com
1	go.ero-advertising.com	short.adnet.cash
1	go.adspop.me	1 redirects
0	static.eabids.com Failed	go.ero-advertising.com
239	61

This site contains links to these domains. Also see Links.

Domain
twitter.com
gforex.info

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.ero-advertising.com R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
optimizesrv.com R3	`2022-12-12` - `2023-03-12`	3 months	crt.sh
gemforex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-06` - `2023-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-12-23` - `2024-01-22`	a year	crt.sh
shaken.autospirit.net R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
rt.gsspat.jp GeoTrust RSA CA 2018	`2022-04-18` - `2023-05-05`	a year	crt.sh
*.octopuspop.com GoGetSSL RSA DV CA	`2022-04-18` - `2023-05-19`	a year	crt.sh
genieedmp.com GeoTrust RSA CA 2018	`2022-08-08` - `2023-08-05`	a year	crt.sh
*.ebis.ne.jp Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-11-04` - `2023-12-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2022-05-09` - `2023-06-10`	a year	crt.sh
miraku.work R3	`2023-01-11` - `2023-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
afi-thor.com R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-10` - `2023-06-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
*.ad-stir.com Sectigo ECC Domain Validation Secure Server CA	`2022-10-17` - `2023-10-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
ssl.socdm.com Go Daddy Secure Certificate Authority - G2	`2022-01-28` - `2023-02-14`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.caprofitx.adtdp.com Amazon	`2022-11-28` - `2023-12-27`	a year	crt.sh
cs.gssprt.jp GeoTrust RSA CA 2018	`2023-01-06` - `2024-02-06`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
sp.gmossp-sp.jp GTS CA 1D4	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2022-09-23` - `2023-10-24`	a year	crt.sh
*.as.amanad.adtdp.com Amazon	`2022-03-07` - `2023-04-05`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://gemforex.com/campaign.php
Frame ID: 566250D231F8005F1E8D4263F2578313
Requests: 179 HTTP requests in this frame

Frame: https://go.ero-advertising.com/banner.go?spaceid=5112185
Frame ID: 10FB4DCEF5B095723FDE1AD737AC8CEC
Requests: 2 HTTP requests in this frame

Frame: https://js.octopuspop.com/view/ls.html
Frame ID: ADA2316FCD86D99638D555EFE738FC7A
Requests: 1 HTTP requests in this frame

Frame: https://rt.gsspat.jp/n?v=1
Frame ID: D19F27249F6A33BBDC4FAD424AD8A89A
Requests: 16 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Frame ID: 38DF0CE4ACC96A14A34C0B795AEC2845
Requests: 20 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Frame ID: 14A7D8B79E976CCD04259CD3F8BACA45
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 70EA16B0E72BFD5F45B10C7B9FA97C7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新規口座開設ボーナスキャンペーン｜GEMFOREX検索

Page URL History Show full URLs

https://go.adspop.me/sp=1&to=b22f0e9abd0fc16f3e248eb34f10c799f34607d4 HTTP 302
http://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D HTTP 301
https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D Page URL
https://trac.adspop.me/links/popad HTTP 301
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D Page URL
https://short.adnet.cash/links/popad HTTP 301
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745 Page URL
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745&p=https%3A%2F%2Fshort.adnet.cash%2F&tested=1&ch... HTTP 302
https://s.optnx.com/cimp.php?data=TVRZM05UTXlOVGt4Tkh4bU5EZG1ZalEwTlRVNE1tWmhNamM1TlRSalltVmlOVF... HTTP 302
https://ap.octopuspop.com/click/?_spot=57222&_ad=44568&_kbparam=exotracker:oodPNZHNRbHPVPHNZO7wQHUVTTT... HTTP 302
https://gemforex.com/vip/92920/camp?_xuid=diux6e1f59398a5432010b9fca9e9bad3aa7 HTTP 302
https://gemforex.com/campaign.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

239
Requests

94 %
HTTPS

42 %
IPv6

46
Domains

61
Subdomains

53
IPs

7
Countries

4185 kB
Transfer

7164 kB
Size

64
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/FX_GEMFOREX_
Title: Twitter

Search URL Search Domain Scan URL

URL: https://gforex.info/news/20160401-2/
Title: お友達紹介キャンペーン

Search URL Search Domain Scan URL

URL: https://gforex.info/news/20220401/
Title: お誕生日プレゼントキャンペーン

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.adspop.me/sp=1&to=b22f0e9abd0fc16f3e248eb34f10c799f34607d4 HTTP 302
http://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D HTTP 301
https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D Page URL
https://trac.adspop.me/links/popad HTTP 301
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D Page URL
https://short.adnet.cash/links/popad HTTP 301
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745 Page URL
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745&p=https%3A%2F%2Fshort.adnet.cash%2F&tested=1&check=41f54dc2cd21cac437115bf9cc637c27&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
https://s.optnx.com/cimp.php?data=TVRZM05UTXlOVGt4Tkh4bU5EZG1ZalEwTlRVNE1tWmhNamM1TlRSalltVmlOVFpqTnpkalkyRXlNZy0tfGh0dHBzOi8vYXAub2N0b3B1c3BvcC5jb20vY2xpY2svP19zcG90PTU3MjIyJl9hZD00NDU2OCZfa2JwYXJhbT1leG90cmFja2VyOm9vZFBOWkhOUmJIUFZQSE5aTzd3UUhVVlRUVFQxT3NzcHFzbWx0ZEs1MVV0cnBYVU9wbGRLNlYwcnBxcXFiSFRXMVN6VTB1bXRxbG1wc2RLNlowcnBYU3VsZE02VjBycG5WMGJhV1RiWjJVWGJYV1IzWFhUejBXelQwVFR6VjF6VzBPMnFubjIxb3EwNDNtMnJvbzNuM28yem5xb3A0c3RyejNkWlRVNHZRU0dqejJCdWFQWE12VG5PbGRLNlYwcnBYU3VsZEs2VndmWXxodHRwc3wyMTcuMTM4LjI1Mi4xNzJ8SlBOfDB8amF2c3VidGl0bGUuY298MTY0NTU0fDEzNDgwMHw4MDY5MjV8MzUxMTEyNXw1MDh8NTQ5NTE0Mnw3NzQ1NzEwOHw0MHwzfDB8MHwxNTU0N3w3NDV8MzB8OTB8RVVSfFVTRHwwLjkxOTJ8MXwyMnx8MXxKUE58fDU2fDR8MXx8NjNkYjcxZGE3MzlkOTcuOTk5MjIzODEyMzEyMTY2MTgzfGQ1MjJkYzM1YmZlMWQ2MzNlMmUzZGEyNTM0Zjc4NmFlfDF8MHxzaG9ydC5hZG5ldC5jYXNofDB8MHwwfDAuMjV8MXwwfGV4Y2hhbmdlX2xpbmt8MHwwfDE4NTAxNDR8LTF8MHwxODUwMTQ3fHx8MXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjo5MC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzkwLjB8fE9LfGUwMWQyMTNlOTdiNWZhNGEzMTQzZDAzMjA1MWNmZjFk&exo_cid=1663&exffir=eyJjIjoiNDFmNTRkYzJjZDIxY2FjNDM3MTE1YmY5Y2M2MzdjMjciLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoiMCJ9 HTTP 302
https://ap.octopuspop.com/click/?_spot=57222&_ad=44568&_kbparam=exotracker:oodPNZHNRbHPVPHNZO7wQHUVTTTT1OsspqsmltdK51UtrpXUOpldK6V0rpqqqbHTW1SzU0umtqlmpsdK6Z0rpXSuldM6V0rpnV0baWTbZ2UXbXWR3XXTz0WzT0TTzV1zW0O2qnn21oq043m2roo3n3o2znqop4strz3dZTU4vQSGjz2BuaPXMvTnOldK6V0rpXSuldK6VwfY&exffir=eyJjIjoiNDFmNTRkYzJjZDIxY2FjNDM3MTE1YmY5Y2M2MzdjMjciLCJ0IjoiMSIsInNyIjoiMTYwMHgxMjAwIiwiY3IiOiIxNjAweDEyMDAiLCJpIjoiMCJ9 HTTP 302
https://gemforex.com/vip/92920/camp?_xuid=diux6e1f59398a5432010b9fca9e9bad3aa7 HTTP 302
https://gemforex.com/campaign.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://go.adspop.me/sp=1&to=b22f0e9abd0fc16f3e248eb34f10c799f34607d4 HTTP 302
http://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D HTTP 301
https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D

Request Chain 3

https://trac.adspop.me/links/popad HTTP 301
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D

Request Chain 15

https://short.adnet.cash/links/popad HTTP 301
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745

Request Chain 159

https://www.google.com/pagead/1p-conversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.google.com&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&value=0&bttype=purchase&auid=1529628732.1675325918&uamb=0&uaw=0&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP 302
https://www.google.co.jp/pagead/1p-conversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.google.com&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&value=0&bttype=purchase&auid=1529628732.1675325918&uamb=0&uaw=0&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0

Request Chain 164

https://px.ladsp.com/pixel?advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F HTTP 302
https://px.ladsp.com/pixel?cr=true&advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02 HTTP 302
https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESEJwT2bFlEiW98nngiU3PPKo&google_cver=1

Request Chain 195

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ HTTP 302
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ

Request Chain 197

https://ib.adnxs.com/setuid?entity=276&code=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ

Request Chain 200

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcg HTTP 302
https://y.one.impact-ad.jp/cs?d=105&uid=74b925c1-9f1e-47c4-98d5-5e4955e6f340&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=

Request Chain 203

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhQ HTTP 302
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhQ&verify=true

Request Chain 211

https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlQ HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlQ&__user_check__=1&sync_id=3213bead-a2d2-11ed-b9e8-1457a7f90407

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02 HTTP 302
https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESELOPuNzmVgWto4aoP5UmUBs&google_cver=1

Request Chain 214

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ HTTP 302
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

Request Chain 216

https://ib.adnxs.com/setuid?entity=276&code=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

Request Chain 219

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ HTTP 302
https://y.one.impact-ad.jp/cs?d=105&uid=&tg=1&et=30&r=no&bsw_dsp_id=102&bsw_dsp_uuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ HTTP 302
https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=&tg=1&et=30&r=no&bsw_dsp_id=102&bsw_dsp_uuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

Request Chain 222

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjA HTTP 302
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjA&verify=true

Request Chain 230

https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA&__user_check__=1&sync_id=3214d4fa-a2d2-11ed-8154-1ff8a4d40207

239 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

oS92lgXPP Show response
trac.adspop.me/
Redirect Chain

https://go.adspop.me/sp=1&to=b22f0e9abd0fc16f3e248eb34f10c799f34607d4
http://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D

9 KB
7 KB

299ms
297ms

Document
text/html

2606:4700:3035::6815:275c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:275c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c4d9fb9d48c1887e58b829316b8a2fcc3b93afa225e913bc6e79ea7d9de35d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79317f1da9bbaf73-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:18:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNpFxA0Zqm9qDvXAbrtR3XVpkvMGEawHCcFM5Cbjcs6Mt1f%2F3cKTdY2fXOwWlKSZ2t5k%2BdUwNIwMN2na8zrCRDJG6XUk1Qv%2FYd%2BDpUUMWK6Zv14F9dt57Z%2F9DqGbYBmtpTf7un0jCgQ74x%2Flcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 79317f1d98fce053-NRT
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 02 Feb 2023 08:18:30 GMT
Expires: Thu, 02 Feb 2023 09:18:30 GMT
Location: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35BfJ7EkMYGgWPNKLOztnFRS%2FlZgTIbYmqKzDIBERtRM8e%2Fu9Oenlvm5%2Fv3KICLX%2Fex6h%2FpK%2BGsAYAWuH67%2FItuUVnq%2FZWKm24oG8TFVaoJXm9OLouVt5KeFbYm4UkSIn6a6BimOZ3qrFS17wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h2=":443"; ma=60

GET
H2 200 ads.js Show response
trac.adspop.me/js/ 106 B
442 B 12ms
9ms Script
application/javascript 2606:4700:3035::6815:275c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trac.adspop.me/js/ads.js
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:275c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:30 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 12 Jun 2017 21:11:24 GMT
server: cloudflare
age: 2026
etag: W/"6a-551c9c2ead700-gzip"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQSJJey5QfA3%2BHGHnmEb7PXaKLU17EZXmndUOUq8bsN%2BBHGHKQrW8aoAv9gBOIr2zEm4YUeC%2BaPb9RtltCUqyN6%2BgLDMOtonLF9a3pR2RlcBoUfkdZvdAnOertvMgowuL%2BwDofPQ38X7tsbcRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79317f1f9c3aaf73-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 script.min.js Show response
trac.adspop.me/modern_theme/build/js/ 192 KB
59 KB 256ms
255ms Script
application/javascript 2606:4700:3035::6815:275c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trac.adspop.me/modern_theme/build/js/script.min.js?ver=4.5.1
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:275c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b8b919bc0d87670d60621cdaa8d6fd29bf58a01664d18836d6193aa014c954

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Sep 2017 15:46:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2ff16-55836c6e61900-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKNwVgTZ%2Bc0GXNT6bk5fjiwb%2FVApLemEBemr12BNQf6XRSWLD7qNf1M4tnEWh1RWA9AF0XHHQ68lC3JkeCx8J0iLI0nQ9282usxgQZ8Gst1foq3vqlT5vPR3CTMWl2FYXXlVkpjFGjHK2UdQaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79317f1f9c3baf73-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

BUn9xVP9er4Ga4Am Show response
short.adnet.cash/
Redirect Chain

https://trac.adspop.me/links/popad
https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D

12 KB
8 KB

1315ms
1025ms

Document
text/html

2606:4700:3035::6815:4d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3035::6815:4d1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f20b84624ca71c31aa7463cdd10278a3e8f7fd3779f945bf07df749f760c8f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://trac.adspop.me
Referer: https://trac.adspop.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79317f252c251f2b-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:18:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY%2BvI4s1n4P%2FOzvuBu6ELXjGpkqv%2FMH3F1A2E%2F1IN9bYa1ypQUohVJYJou6hQv6S96JOz%2BNkrHvUPXdnaH%2B3qERA38fZV2AiTktgVpXfEB%2Bij1YKfwpuAIJRQEVFZPFtozhTfFria0AAxcFWeTAn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79317f216de3af73-NRT
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:18:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbxaZuOeO%2BV8AFx4UkHsbgMuwGTR3Ijm8UwkxJaRukHGWc%2FtB3gYmprrlCV3dCxC1ZfNgP%2BeYZEN1%2BR%2Fv3rHMBDC%2BwHr4KIrvlpfd1hfNk9ZuLezhb7gK1iZBWiL%2BsaEACuooU5UuQ6BN%2FuVkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 168ms
44ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eced69e931e3d6fbbb896aec7733312d0f897063880d3d73b1403c5ca82aba7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 08:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 08:18:33 GMT

GET
H2 200 styles.min.css
short.adnet.cash/modern_theme/build/css/ 225 KB
36 KB 12ms
11ms Stylesheet
text/css 2606:4700:3035::6815:4d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
Requested by: Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::6815:4d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70e6409c8d31c1305875c330fb419b1ab556bf3855d0fe1e67cc778b2e2d39c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Sep 2020 14:06:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124
etag: W/"384e3-5b00fb5c814da-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJhJX0LMOTly%2Bp%2BxdwoppRs1vFXY%2BRYR2GcUZUmpJ0HzaTUFjmNfYcVks29ZvH0dEpeuUF28nwrQxWTnsMNiH3wIb0zau4erAxOz80xpjnE8h2sifTLFu76TrtvciOojfxrKLNQGLimGmdCX4T3p"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79317f2b9f951f2b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js
www.googletagmanager.com/gtag/ 110 KB
43 KB 138ms
46ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111790449-1

Requested by

Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43954
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 08:18:33 GMT

GET
H2 200 ads.js Show response
short.adnet.cash/js/ 106 B
406 B 16ms
15ms Script
application/javascript 2606:4700:3035::6815:4d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://short.adnet.cash/js/ads.js
Requested by: Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::6815:4d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 18 Dec 2017 20:31:31 GMT
server: cloudflare
age: 4206
etag: W/"6a-560a33c4a6ec0-gzip"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VIpRTKgYEL%2FEs%2BzUoA2MdgqRirleAB95Bhzil%2BwPpbXMVpQB6iRieehcFSwr9zz4Z7Edfq2XCBuYGUeOOXWy6oWhJUElMJXsEgURkeNWprpbmtJ2vnaV0eXmYuKRCKHd%2BYVRhdlvGLuISTWWtY3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79317f2b9f971f2b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 script.min.js Show response
short.adnet.cash/modern_theme/build/js/ 192 KB
59 KB 14ms
13ms Script
application/javascript 2606:4700:3035::6815:4d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://short.adnet.cash/modern_theme/build/js/script.min.js?ver=4.5.1
Requested by: Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::6815:4d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5c71301f29f4b6c91efb3e913655c063523e9fecd20da490afdcfdd8955349

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2019 15:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5647
etag: W/"2ff5a-5911a9bf38184-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBkNdtU31lY0SC2i4qmqTjAo0%2BDJW5a94kJiqyA0ZcNFFoQoHFo%2BFvr4ms72Pol%2F0gzzCVa3wPZDBttv6HaJkXGrXBtVlrlGFWxikLWQp%2FQH%2FWJwR7AYJWoFHMQgMpch6cNWS8GPNxgVvoN8CcJn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79317f2b9f981f2b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js
www.google.com/recaptcha/ 918 B
901 B 87ms
42ms Script
text/javascript 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 08:18:33 GMT

GET
H2 200 banner.go
go.ero-advertising.com/ Frame 10FB 3 KB
3 KB 907ms
385ms Document
text/html 2a05:22c7:1:2140::194
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ero-advertising.com/banner.go?spaceid=5112185
Requested by: Host: short.adnet.cash
URL: https://short.adnet.cash/BUn9xVP9er4Ga4Am?pop=SxK09NYQxTuidSu%2BOQt3Fw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:22c7:1:2140::194 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://short.adnet.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
content-length: 2617
content-type: text/html; charset=utf-8
date: Thu, 02 Feb 2023 08:18:33 GMT
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Thu, 02 02 2023 08:18:33 GMT
pragma: no-cache
server: nginx
x-backend-server: nl2-web-200

GET
H3 200 header.jpg
short.adnet.cash/modern_theme/build/img/ 55 KB
55 KB 9ms
9ms Image
image/jpeg 2606:4700:3035::6815:4d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://short.adnet.cash/modern_theme/build/img/header.jpg
Requested by: Host: short.adnet.cash
URL: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:33 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2017 03:37:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6777
etag: "db38-560a92ed4f0c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDJoOBg0JZh5r2MVVyMfkz5xycaJxWN0jMxeQIxVz3VeRJb73wHERKFrxr%2BlCbkluOUv9lTrlhkaMJWKAMVOOpZ%2BjA%2BerqJoD33QY%2BFfDrmu1N7l8NaX3Vkcpwy951bJXanL5mHoOehAduMZto94"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79317f2cbcdc3414-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56120

GET
H3 200 footer.jpg
short.adnet.cash/modern_theme/build/img/ 13 KB
13 KB 12ms
12ms Image
image/jpeg 2606:4700:3035::6815:4d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://short.adnet.cash/modern_theme/build/img/footer.jpg
Requested by: Host: short.adnet.cash
URL: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/modern_theme/build/css/styles.min.css?ver=4.5.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:33 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2017 20:31:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6572
etag: "33fd-560a33c4a6ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aWlze0VMx6mHLjrDGtV444mQfv7nnOkqn6HpX5tMwjyF%2FA1kewWc7rGmMN32AYdOGLzjwveqw13NGLTBrjfV9Jj3EVvkfHrbciEhZjrOnnvJ2%2BYh%2FprC1hCs1ZD7prqANZN5wAkytQAS00r72iw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79317f2cbcde3414-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13309

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 45ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://short.adnet.cash
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 26 Jan 2023 18:26:17 GMT
x-content-type-options: nosniff
age: 568336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 18:26:17 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 47ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://short.adnet.cash
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 16:53:51 GMT
x-content-type-options: nosniff
age: 55482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:53:51 GMT

GET
H/1.1

200
OK

splash.php
syndication.optimizesrv.com/
Redirect Chain

https://short.adnet.cash/links/popad
https://syndication.optimizesrv.com/splash.php?type=8&idzone=745

1 KB
898 B

1188ms
260ms

Document
text/html

95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://short.adnet.cash
Referer: https://short.adnet.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 08:18:34 GMT
Server: nginx
Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79317f2ccce83414-NRT
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:18:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9utizP1p1EWNuGzZsKttwUqTtCDiTqj7lmE9TBte0oxq3fDdGxMpRwfCsBS7HhlPGiJEu9INa6d78s4jlaQ0sVnht52QwPnrl296FHD2r9VhtkExNnPdB8rW7fsSKhDW9rpIeGsNlfJdjOnb8Y3"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 41ms
2ms Script
text/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111790449-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://short.adnet.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 06:47:22 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5471
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 08:47:22 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 2 B
207 B 39ms
39ms XHR
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=813649797&t=pageview&_s=1&dl=https%3A%2F%2Fshort.adnet.cash%2FBUn9xVP9er4Ga4Am%3Fpop%3DSxK09NYQxTuidSu%252BOQt3Fw%253D%253D&dr=https%3A%2F%2Ftrac.adspop.me%2F&ul=en-us&de=UTF-8&dt=Adnet.Cash&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1600856857&gjid=1785497098&cid=422270109.1675325913&tid=UA-111790449-1&_gid=1811162682.1675325913&_r=1&_slc=1&gtm=2ou1u0&z=701425888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://short.adnet.cash/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://short.adnet.cash
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 402 KB
161 KB 45ms
3ms Script
text/javascript 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://short.adnet.cash/
Origin: https://short.adnet.cash
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 09:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163841
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 09:01:27 GMT

GET 33840.gif
static.eabids.com/data/bannerpools/112022/ Frame 10FB 0
0

GET
H2

200

Primary Request campaign.php Show response
gemforex.com/
Redirect Chain

https://syndication.optimizesrv.com/splash.php?type=8&idzone=745&p=https%3A%2F%2Fshort.adnet.cash%2F&tested=1&check=41f54dc2cd21cac437115bf9cc637c27&screen_resolution=1600x1200&container_resolution...
https://s.optnx.com/cimp.php?data=TVRZM05UTXlOVGt4Tkh4bU5EZG1ZalEwTlRVNE1tWmhNamM1TlRSalltVmlOVFpqTnpkalkyRXlNZy0tfGh0dHBzOi8vYXAub2N0b3B1c3BvcC5jb20vY2xpY2svP19zcG90PTU3MjIyJl9hZD00NDU2OCZfa2JwYXJ...
https://ap.octopuspop.com/click/?_spot=57222&_ad=44568&_kbparam=exotracker:oodPNZHNRbHPVPHNZO7wQHUVTTTT1OsspqsmltdK51UtrpXUOpldK6V0rpqqqbHTW1SzU0umtqlmpsdK6Z0rpXSuldM6V0rpnV0baWTbZ2UXbXWR3XXTz0WzT0...
https://gemforex.com/vip/92920/camp?_xuid=diux6e1f59398a5432010b9fca9e9bad3aa7
https://gemforex.com/campaign.php

55 KB
13 KB

588ms
586ms

Document
text/html

23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/campaign.php

Requested by

Host: syndication.optimizesrv.com
URL: https://syndication.optimizesrv.com/splash.php?type=8&idzone=745

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

2d19049242f778d3398164b3a66b102ecb5bdce59605285bd565cb26f1768bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://syndication.optimizesrv.com/splash.php?type=8&idzone=745
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control
content-encoding: gzip
content-length: 13584
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:18:37 GMT
expires: -1
pragma
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: Nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:18:36 GMT
expires: -1
location: /campaign.php
pragma
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 reset.css
gemforex.com/assets/css/ 2 KB
1 KB 15ms
5ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/reset.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

d1a6ca640db4c4e6179b2f1610f3b7ddc014273879a6c3d279bfa9dd1e337200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:44 GMT
etag: "a60e76-6b8-5eeacccff0c1d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=49193
accept-ranges: bytes
content-length: 825
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:58:30 GMT

GET
H2 200 base.css
gemforex.com/assets/css/ 44 KB
8 KB 24ms
11ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/base.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e1964a425f1048553681916740c8a46c9739efdb521b8fd9ad535bdf4f1a1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 10 Jan 2023 04:38:30 GMT
etag: "a60e7d-b0d5-5f1e174a35e4a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=37930
accept-ranges: bytes
content-length: 8330
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 18:50:47 GMT

GET
H2 200 ea.css
gemforex.com/assets/css/ 24 KB
4 KB 44ms
31ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/ea.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

3dbebd4fb9a4748139f31fda339dc443c49653999d68744abd19dcc4cc306ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:46 GMT
etag: "a60e7e-5efc-5eeaccd1b61e7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=45387
accept-ranges: bytes
content-length: 3980
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 20:55:04 GMT

GET
H2 200 HorizontalImageFlow.css
gemforex.com/assets/css/ 1 KB
746 B 30ms
18ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/HorizontalImageFlow.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

ac49687945de33ae93f9729067d1ee26e6619ff4a3a800e1502b11dab245b4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:45 GMT
etag: "a60e78-479-5eeaccd062095"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=49449
accept-ranges: bytes
content-length: 475
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 22:02:46 GMT

GET
H2 200 content.css
gemforex.com/assets/css/ 32 KB
6 KB 31ms
19ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/content.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5a11582f64fd866c04f5e275b1cc490c35a512abade9b58cbb0f6ea7991c7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 10 Jan 2023 04:39:08 GMT
etag: "280207d-7ffd-5f1e176eb78e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=25955
accept-ranges: bytes
content-length: 6103
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:31:12 GMT

GET
H2 200 slick-theme.css
gemforex.com/assets/css/ 3 KB
1 KB 20ms
9ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/slick-theme.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

e9e933164743471d9eae8e4a286c3187bf70d2dbf5487ab586b5b0761e6ba2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:45 GMT
etag: "a60e79-c64-5eeaccd0d0a16"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=64623
accept-ranges: bytes
content-length: 894
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:15:40 GMT

GET
H2 200 slick.css
gemforex.com/assets/css/ 2 KB
839 B 23ms
12ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/slick.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:44 GMT
etag: "a60e75-6f0-5eeacccfed185"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=65838
accept-ranges: bytes
content-length: 569
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:35:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 228 KB
60 KB 60ms
50ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ecc403b1fbad6096a78cbfbab5abfb0a8286c94b84ae78d05b205261cc51984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H2 200 colorbox.css
gemforex.com/assets/js/colorbox/ 4 KB
2 KB 20ms
10ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/js/colorbox/colorbox.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

ffb2f2d99b0c239c9f6d40069d5d31aebbe1544fe5e3195b4444236abcaed3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Sun, 27 Nov 2022 20:16:12 GMT
etag: "280088e-117a-5ee796d1bdf59"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private, max-age=48831
accept-ranges: bytes
content-length: 1475
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:52:28 GMT

GET
H2 200 _countdown_.css
gemforex.com/assets/css/ 4 KB
1 KB 17ms
8ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/_countdown_.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

a5c60004eb126e7cfd322a7638248578fa3f37e7c0e1978cdec9f738564316e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 07 Dec 2022 09:12:10 GMT
etag: "2802182-ecc-5ef3950b8c745"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=62597
accept-ranges: bytes
content-length: 826
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 01:41:54 GMT

GET
H2 200 _countdown_.js Show response
gemforex.com/js/ 2 KB
1019 B 26ms
17ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/js/_countdown_.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb8b8e044d05c83f56b3969e438e52e771ca1840d04f540acbec74b6ebf3c704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

unused62: 8096267
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 14 Sep 2017 06:22:13 GMT
etag: "b40fd4-818-559204c0e6395"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=54069
accept-ranges: bytes
content-length: 723
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 23:19:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 55ms
49ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10842515122

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88820a55febe57d2e91802002240062af6121ebe7191fcaae66b5f7d07736bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50748
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H2 200 base_20200109_min.css
gemforex.com/CSS/ 384 KB
54 KB 24ms
16ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/CSS/base_20200109_min.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d3fbbec3e00427e6bc8be3dc705f30ee924cc557077241f6f32be5a2c6aa76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 29 Aug 2022 02:34:10 GMT
etag: "28037f4-60013-5e7581947f333"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=48035
accept-ranges: bytes
content-length: 55052
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:39:12 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
gemforex.com/js/ 95 KB
33 KB 27ms
19ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/js/jquery-1.12.0.min.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

unused62: 8096267
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 14 Sep 2017 06:22:13 GMT
etag: "b40fd5-17c52-559204c0e965d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=49844
accept-ranges: bytes
content-length: 33878
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 22:09:21 GMT

GET
H2 200 content.css
gemforex.com/assets/css/ 32 KB
6 KB 22ms
15ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/content.css?20230109

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5a11582f64fd866c04f5e275b1cc490c35a512abade9b58cbb0f6ea7991c7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 10 Jan 2023 04:39:08 GMT
etag: "280207d-7ffd-5f1e176eb78e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=84364
accept-ranges: bytes
content-length: 6103
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 07:44:41 GMT

GET
H2 200 previous_djustments.css
gemforex.com/assets/css/ 3 KB
1 KB 19ms
12ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/css/previous_djustments.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

ad0bfe6a25c29d8ee54a2127774533bf366a0dd9096bcf2c513e472a2ebbae88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:46 GMT
etag: "a60e7c-d20-5eeaccd14c686"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=9789
accept-ranges: bytes
content-length: 1000
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 11:01:46 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 100 KB
19 KB 36ms
8ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1773481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18716
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-491c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TaLVOXBprS6ZT76aoOQy0wlOIVPWMj7qcXyh7EQme5IVTC7a4noi08UmALV%2F6OZcKGWSSN6wGPRXGO8FZi9tX%2B7DxpzMM0S9zo%2BT5c1xFtp5CDSJ8pMAY5zqUfMJLvkGGuu7ZqAJ3Prcgz%2B7XBqOnm5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79317f46e9d6afb1-NRT
expires: Tue, 23 Jan 2024 08:18:37 GMT

GET
H2 200 logo.svg
gemforex.com/assets/images/common/ 9 KB
4 KB 93ms
87ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/logo.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

717af4fa65e7c97cd2b7fed05f1f286d23497abd3f4fd9fa0463d47f3b1d49fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:34:05 GMT
etag: "a60eae-2416-5eeacce41a89e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3821
x-xss-protection: 1; mode=block

GET
H2 200 logo_k.svg
gemforex.com/assets/images/common/ 9 KB
4 KB 98ms
93ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/logo_k.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

2ea6bae3361f21ae258b2bd57b36b31b3aaef7b7c8a40e02100f77eae0646353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:34:02 GMT
etag: "a60ea1-2427-5eeacce0ffdfb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3843
x-xss-protection: 1; mode=block

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 114ms
64ms Script
text/javascript 2404:6800:4004:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=0542df4c57bc6d049

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e34757976a22566b9ba044c59ea21312f1dfc87c7c3862edee36e710deabae2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3497
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"

GET
H2 200 ico_bc_home.svg
gemforex.com/assets/images/common/ 2 KB
1 KB 105ms
99ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_bc_home.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

d3aa55359f3d42c499bde9b33e0d46704abba68ee171ae83ff5a287627e8ed35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:34:02 GMT
etag: "a60e9f-849-5eeacce08977b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 870
x-xss-protection: 1; mode=block

GET
H2 200 zan_d_27.png
gemforex.com/assets/images/campaign/ 2 KB
2 KB 18ms
13ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/zan_d_27.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

2fd471f72d444f2fd2f7d761fc967c9187d570381ad1736e056b09066f936196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:24 GMT
etag: "a60ef0-8db-5eeaccf5fe8af"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, max-age=27669
accept-ranges: bytes
content-length: 2267
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:59:46 GMT

GET
H2 200 bank_title.png
gemforex.com/assets/images/common/payment/ 3 KB
3 KB 24ms
19ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/bank_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

a8f8be635c28c97af25dd17d35e865695f1a922fe411dd3eb1b91b9e4bc279b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:26 GMT
etag: "a60fc5-a19-5eeacd312daa1"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=48902
accept-ranges: bytes
content-length: 2585
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:53:39 GMT

GET
H2 200 credit_title.png
gemforex.com/assets/images/common/payment/ 9 KB
9 KB 17ms
12ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/credit_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

a719f75e90188edc5356606707e673963165f1babe4be225b688ef753067c0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:27 GMT
etag: "a60fc9-24d0-5eeacd320b18b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=66995
accept-ranges: bytes
content-length: 9424
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:55:12 GMT

GET
H2 200 bitwallet_title.png
gemforex.com/assets/images/common/payment/ 3 KB
3 KB 17ms
12ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/bitwallet_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

5290341a252d040863574d4879b590e51e316aaeca83bf0f8fa5b7259d7d5dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:27 GMT
etag: "a60fcc-c0a-5eeacd32773fc"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=45136
accept-ranges: bytes
content-length: 3082
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 20:50:53 GMT

GET
H2 200 bitcoin_title.png
gemforex.com/assets/images/common/payment/ 3 KB
3 KB 17ms
13ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/bitcoin_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e2a49e2e42b10d5a95e970f8253ae3ebbae4cb0c887726947f1db6e53ae07e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:28 GMT
etag: "a60fce-b1c-5eeacd32e2e9c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=68275
accept-ranges: bytes
content-length: 2844
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 03:16:32 GMT

GET
H2 200 eth_title.png
gemforex.com/assets/images/common/payment/ 4 KB
4 KB 18ms
14ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/eth_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef230b7247682eae3dfa587701e269f26836bb743ddda3e33124ffcb12a66808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:28 GMT
etag: "a60fcd-109f-5eeacd32e3a54"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=39138
accept-ranges: bytes
content-length: 4255
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 19:10:55 GMT

GET
H2 200 perfectmoney_title.png
gemforex.com/assets/images/common/payment/ 3 KB
4 KB 17ms
12ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/perfectmoney_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

e910b04560fc11dbb503fcdaef7b1c55a3663a53a63b35764e148dbb601f3fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:27 GMT
etag: "a60fc7-def-5eeacd31a02a2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=48902
accept-ranges: bytes
content-length: 3567
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:53:39 GMT

GET
H2 200 megatransfer_title.png
gemforex.com/assets/images/common/payment/ 1 KB
1 KB 23ms
19ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/megatransfer_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

8fc6c54f42995a571e59b5cd0fb91656c9a12f38721a4bbe1567cbd84eb4cb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:26 GMT
etag: "a60fc6-4ad-5eeacd312daa1"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, max-age=50301
accept-ranges: bytes
content-length: 1197
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 22:16:58 GMT

GET
H2 200 payeer_title.png
gemforex.com/assets/images/common/payment/ 2 KB
2 KB 18ms
14ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/payeer_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

d7cb058ee3aeaccc3bc554185af8d6ed3b29cfa77bfd7383f3258c4b185e0c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:27 GMT
etag: "a60fc8-798-5eeacd31a02a2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=49283
accept-ranges: bytes
content-length: 1944
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 22:00:00 GMT

GET
H2 200 stic_title.png
gemforex.com/assets/images/common/payment/ 934 B
1 KB 22ms
18ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/stic_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

3f9e3f23abd6ef1493e6478341e72adbc4df79b11c3e501885d423c31f69cd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:27 GMT
etag: "a60fca-3a6-5eeacd320a5d3"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=66343
accept-ranges: bytes
content-length: 934
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:44:20 GMT

GET
H2 200 algocharge_title.png
gemforex.com/assets/images/common/payment/ 9 KB
9 KB 17ms
13ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/payment/algocharge_title.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

94a655a5ea337cd1156e3fd51e34b1f71c1a6cdfc1e74ee7c26de5ca2a6e6320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:35:27 GMT
etag: "a60fcb-234b-5eeacd32777e4"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=48558
accept-ranges: bytes
content-length: 9035
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:47:55 GMT

GET
H2 200 jquery.mmenu.all.css
gemforex.com/CSS/ 35 KB
5 KB 6ms
6ms Stylesheet
text/css 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/CSS/jquery.mmenu.all.css

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

c1848b6834a2a831a720af27d5a52620d9e24d489cea925d6c2ba3cfc7f6c652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

unused62: 8096267
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Mon, 23 Nov 2020 06:56:10 GMT
etag: "281b27d-8de5-5b4c0b073fcf2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: private, max-age=46488
accept-ranges: bytes
content-length: 5226
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:13:25 GMT

GET
H2 200 jquery.mmenu.min.all.js Show response
gemforex.com/js/ 34 KB
10 KB 6ms
5ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/js/jquery.mmenu.min.all.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

7bfb48976fff213c874bbe581fe50a771d3d0c2f1949c3394995b3e8dac742fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 14 Sep 2017 06:22:13 GMT
etag: "b40fd2-89bc-559204c0e3c86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=63815
accept-ranges: bytes
content-length: 9833
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:02:12 GMT

GET
H2 200 main_20200109.min.js Show response
gemforex.com/js/ 76 KB
21 KB 7ms
7ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/js/main_20200109.min.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

4513214f03568053993548a98f8e72824280c5b673ca42e51318e9960fa03f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

unused62: 8096267
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 30 Nov 2021 15:19:52 GMT
etag: "b415a6-1319e-5d20316cf55dd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: private, max-age=46785
accept-ranges: bytes
content-length: 20945
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:18:22 GMT

GET
H2 200 lazyload-2.0.0.min.js Show response
gemforex.com/js/ 2 KB
1 KB 6ms
6ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/js/lazyload-2.0.0.min.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

64ef938dd040a288e2e3493f834b5ba37b8804fd0ba4c1829e981677fdaec94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

unused62: 8096267
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 24 Nov 2020 01:23:17 GMT
etag: "281bbc5-7dc-5b4d027c7b38f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=62674
accept-ranges: bytes
content-length: 896
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 01:43:11 GMT

GET
H2 200 conversion.js Show response
s.yimg.jp/images/listing/tool/cv/ 6 KB
2 KB 32ms
8ms Script
application/javascript 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/conversion.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: ATS /
Resource Hash: 9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

ats-carp-promotion: 1
date: Thu, 02 Feb 2023 08:11:00 GMT
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 16:25:04 GMT
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 457
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 2140

GET
H2 200 s_retargeting.js Show response
b92.yahoo.co.jp/js/ 8 KB
8 KB 11ms
9ms Script
application/javascript 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b92.yahoo.co.jp/js/s_retargeting.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

be102c02ba4b3b5c45fa0797bfdc883abb8830b6ae45ad14f944bec5e5cfbdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

ats-carp-promotion: 1
date: Thu, 02 Feb 2023 08:10:59 GMT
x-content-type-options: nosniff
x-amz-request-id: d2027280-3c65-4a9f-bd4b-2382f4a7f7cd
age: 458
cross-origin-resource-policy: cross-origin
content-length: 8097
x-xss-protection: 1;mode=block
last-modified: Mon, 30 Jan 2023 04:56:13 GMT
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
etag: "6e47c8f7b336ecc4433bfe025de21136"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=600
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges: bytes

GET
H2 200 ico_arrow_up.svg
shaken.autospirit.net/wp-content/themes/shaken2022/assets/images/common/ 376 B
524 B 37ms
9ms Image
image/svg+xml 219.94.163.101
SAKURA-C SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shaken.autospirit.net/wp-content/themes/shaken2022/assets/images/common/ico_arrow_up.svg
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 219.94.163.101 , Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS: www1491.sakura.ne.jp
Software: nginx /
Resource Hash: d2aa4955f84e3be0a4d5c6f579c32d0dbaa881efa4c69cfab28903da6cc10f09

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
last-modified: Wed, 31 Mar 2021 04:53:34 GMT
server: nginx
accept-ranges: bytes
etag: "178-5becde5a62f80"
content-length: 376
content-type: image/svg+xml

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 88 KB
31 KB 59ms
3ms Script
text/javascript 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 10:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31100
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 10:07:31 GMT

GET
H2 200 function.js Show response
gemforex.com/assets/js/ 9 KB
3 KB 7ms
6ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/js/function.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

474827859437abc7661f2c4cbac39711dd4fe3f628cc4f8bef6f78fc10607a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Tue, 31 Jan 2023 07:14:11 GMT
etag: "280104f-239e-5f38a140e48cc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=50073
accept-ranges: bytes
content-length: 2520
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 22:13:10 GMT

GET
H2 200 slick.min.js Show response
gemforex.com/assets/js/ 42 KB
10 KB 11ms
6ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/js/slick.min.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:48 GMT
etag: "a60e81-a76f-5eeaccd3663da"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=64325
accept-ranges: bytes
content-length: 10434
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:10:42 GMT

GET
H2 200 jquery.colorbox.js Show response
gemforex.com/assets/js/colorbox/ 28 KB
9 KB 19ms
12ms Script
text/javascript 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/assets/js/colorbox/jquery.colorbox.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

a6a9006f853408ab15738dff6116fa84eea75c426fb2d5e44c08dc7a0bf3ac42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Sun, 27 Nov 2022 20:16:12 GMT
etag: "2800898-71f2-5ee796d1bfab1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=45533
accept-ranges: bytes
content-length: 8835
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 20:57:30 GMT

GET
H2 200 lp.js Show response
rt.gsspat.jp/e/conversion/ 4 KB
1 KB 14ms
3ms Script
application/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/e/conversion/lp.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 455c800bd41b91ca3b3dfe3dfdf727c8a44f557ced2ffc9fe9f9995aabb8b9a9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Sep 2018 05:54:14 GMT
server: nginx
etag: W/"5b98aa06-10f7"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 g Show response
rt.gsspat.jp/ 0
98 B 17ms
3ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/g?rtid=47654&j=1
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:37 GMT
server: nginx
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 precv.js Show response
js.octopuspop.com/ 2 KB
1 KB 479ms
1ms Script
application/javascript 2400:52e0:1501::1064:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://js.octopuspop.com/precv.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1064:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1064 /
Resource Hash: 9455ab7cd40ada8fd3d9f6ad888857b778033da2f36b5a843d1c87db76ceb6ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: br
cdn-edgestorageid: 1061
x-amz-request-id: WDRJ38X5JR59TKZQ
cdn-cachedat: 01/30/2023 08:26:28
cdn-pullzone: 96923
x-amz-id-2: UbU8NMj+zpDJr0zvd5p9R8comndhW0i0vrKsexBVk8gQMTKrc8+J0gqCi/bxnKOB8X3ECUG7gig=
last-modified: Mon, 30 Jan 2023 08:24:39 GMT
server: BunnyCDN-JP1-1064
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"197fd192d193e884f40c181ebc453784"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 992570b6-4484-4f25-abcf-0615ee0f47cb
cache-control: public, max-age=2592000
cdn-requestid: 7ef08ed98bf02c8cd1087a9285aa24a8
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dmp.js Show response
genieedmp.com/ 3 KB
1 KB 71ms
1ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://genieedmp.com/dmp.js?c=6250&ver=2
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: ab0f6556489e71e71de94094ef94eb7ab92b9eacf189ed05f510667e9ede23d5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 lp.js Show response
rt.gsspat.jp/e/conversion/ 4 KB
1 KB 16ms
3ms Script
application/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/e/conversion/lp.js?ver=2
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 455c800bd41b91ca3b3dfe3dfdf727c8a44f557ced2ffc9fe9f9995aabb8b9a9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Sep 2018 05:54:14 GMT
server: nginx
etag: W/"5b98aa06-10f7"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 cmt.js Show response
taj1.ebis.ne.jp/RzfIb7Vy/ 22 KB
8 KB 27ms
6ms Script
application/javascript 2600:9000:2224:6200:1e:513c:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taj1.ebis.ne.jp/RzfIb7Vy/cmt.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2224:6200:1e:513c:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b92f6e97112d6a50612418baaff3a88d43e151abf5d88565df84e5149ab7cf93

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:06 GMT
content-encoding: gzip
via: 1.1 3a963020e2f0fa2986cf768697d0cf6e.cloudfront.net (CloudFront)
last-modified: Fri, 23 Dec 2022 01:37:26 GMT
server: Apache
x-amz-cf-pop: NRT57-P4
age: 31
etag: W/"56b6-5f074d3efce7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-store, s-maxage=60, public
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jb6R1El9GW30-il7dJol_BAq50V1Zi55ujv-omHTzkYi8utILJVYAA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
52 KB 50ms
47ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGTX9XH

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7920f333ceb74dd3ca9878c86674413459d37b0e48d9cb7eb0b795a87a50be97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53368
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 109 KB
30 KB 48ms
48ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP

Requested by

Host: gemforex.com
URL: https://gemforex.com/CSS/base_20200109_min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36d61675f8ddec293c102503a3ca133fb16ded951f3150d695eefda36dbd0b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 6 KB
666 B 43ms
42ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: gemforex.com
URL: https://gemforex.com/CSS/base_20200109_min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
561 B 87ms
86ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: gemforex.com
URL: https://gemforex.com/CSS/base_20200109_min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H2 200 ico_nav_tw.svg
gemforex.com/assets/images/common/ 596 B
813 B 87ms
87ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_nav_tw.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

d4ff3262870e564f4219acbf41c135437f6f170649a3e968fff3ebd2e46befb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:02 GMT
etag: "a60ea0-254-5eeacce0a0e79"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 596
x-xss-protection: 1; mode=block

GET
H2 200 ico_nav_lang.svg
gemforex.com/assets/images/common/ 3 KB
1 KB 88ms
88ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_nav_lang.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

866cc830c376e431cc9ba2fc2e75b627bb4bc48b6c481b8990ab9181bbd41cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:33:58 GMT
etag: "a60e97-b70-5eeaccdd2ed6c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1293
x-xss-protection: 1; mode=block

GET
H2 200 ico_nav_login.svg
gemforex.com/assets/images/common/ 1 KB
770 B 98ms
97ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_nav_login.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

830ae94f851cc0d9a56ca3fc63e32af2ac25def87d11aeef828c9b87911fb88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:34:05 GMT
etag: "a60eac-446-5eeacce3a1b0e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 533
x-xss-protection: 1; mode=block

GET
H2 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 5ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76890ed0912951cb7116c2cfdec0d5ad3e138e94641d0dd1126ad45304feddba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sun, 29 Jan 2023 13:03:34 GMT
x-content-type-options: nosniff
age: 328503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13504
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:50:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 13:03:34 GMT

GET
H2 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v42/ 50 KB
51 KB 3ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b204913c9832e2ea49df683dab67ef73146bfd43a1845458e68fde81bc25a8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 23:27:55 GMT
x-content-type-options: nosniff
age: 377442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51568
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 23:27:55 GMT

GET
H2 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.119.woff2
fonts.gstatic.com/s/notosansjp/v42/ 52 KB
52 KB 3ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72886b29a4caed5ecd641a108d1b0393e3f94ecc551fc926dffe047e3cf35b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Mon, 30 Jan 2023 21:03:17 GMT
x-content-type-options: nosniff
age: 213320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53112
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 21:03:17 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.117.woff2
fonts.gstatic.com/s/notosansjp/v42/ 9 KB
9 KB 13ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2a49516984beb189756b2dcbaa9786e3038a7767ff3b9e852f02386a5706a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 09:52:00 GMT
x-content-type-options: nosniff
age: 80797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 09:52:00 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.113.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
12 KB 14ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e60f1e6f0dae2450972e7ef57248eff6beb1fb476e5d6e45cb639422c0fdc0dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 22:26:55 GMT
x-content-type-options: nosniff
age: 35502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12668
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 22:26:55 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.116.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
12 KB 11ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59a63e6e125dfee986b928df6221d449a5911cfd6317367c179beac858c6f7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 00:35:12 GMT
x-content-type-options: nosniff
age: 459805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 00:35:12 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.114.woff2
fonts.gstatic.com/s/notosansjp/v42/ 11 KB
11 KB 11ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34702bf237a55306199e6fc98ea7b08b93ccf3f09bf7ab4b1954c03d775bbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 19:42:42 GMT
x-content-type-options: nosniff
age: 45355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11652
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 19:42:42 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.108.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 14ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26bee832221678eda8465d15232c769d951077732aa9019aaf1c4861380dee4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 03:26:44 GMT
x-content-type-options: nosniff
age: 17513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 03:26:44 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.100.woff2
fonts.gstatic.com/s/notosansjp/v42/ 17 KB
17 KB 13ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1af64b7b2d7eaceb13c622fd41d3713f9d02e0f993336b41a3c1712aaba1e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 17:43:17 GMT
x-content-type-options: nosniff
age: 138920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17240
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:43:17 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.94.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 12ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.94.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9a65b25b6ceeede7ce7e371a1c826781ec411264d8686613539d667e3ebee8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 13:50:27 GMT
x-content-type-options: nosniff
age: 66490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16596
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:08:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 13:50:27 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.110.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 2ms
2ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258818d51dbc40f6282dca0b30deaa731d29a4d7d25bd82e1a3c0122292c1954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 14:45:26 GMT
x-content-type-options: nosniff
age: 495191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13212
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 14:45:26 GMT

GET
H/1.1 200
OK conversion_async.js Show response
b97.yahoo.co.jp/pagead/ 41 KB
16 KB 90ms
70ms Script
text/javascript 183.79.255.12
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b97.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/conversion.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

5c76225a246fac077d82d7d0f2a36921c21dfe8821ea2f1bf17ca43eb47d34bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:37 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Age: 0
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Connection: close
X-XSS-Protection: 0
Server: ATS
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ETag: 6443111878286526749
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Permissions-Policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 06:47:22 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5475
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Feb 2023 08:47:22 GMT

GET
H2 200 ajax-loader.gif
gemforex.com/images/ 4 KB
4 KB 6ms
5ms Image
image/gif 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/images/ajax-loader.gif

Requested by

Host: gemforex.com
URL: https://gemforex.com/CSS/base_20200109_min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/CSS/base_20200109_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

unused62: 8096267
date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Mon, 08 Jan 2018 06:10:02 GMT
etag: "28049e1-1052-5623da61a7bce"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, max-age=54208
accept-ranges: bytes
content-length: 4178
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 23:22:05 GMT

GET
H2 200 slide_1_0_bg_d.jpg
gemforex.com/assets/images/campaign/ 227 KB
228 KB 14ms
13ms Image
image/jpeg 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/slide_1_0_bg_d.jpg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

1da2abcdb9ead5cb65d54f214e467b309bd5430b97578122f64dc4d31d060df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:18 GMT
etag: "a60ed9-38c37-5eeaccf07bad4"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=48707
accept-ranges: bytes
content-length: 232503
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:50:24 GMT

GET
H2 200 ico_arrow_w01.svg
gemforex.com/assets/images/common/ 228 B
443 B 96ms
95ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_arrow_w01.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

1afc396d6af66e0821ebdea1c35e6fee11b1aa33df82242968fe54d29d2e306a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:04 GMT
etag: "a60ea7-e4-5eeacce2819c1"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 228
x-xss-protection: 1; mode=block

GET
H2 200 slide_1_0_1_bg_d.jpg
gemforex.com/assets/images/campaign/ 132 KB
132 KB 19ms
18ms Image
image/jpeg 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/slide_1_0_1_bg_d.jpg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

990cfe7ef3676233770b1209146a05af1eb72bbf58e1743eb7e67ae312d290d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:08 GMT
etag: "a60eb2-20e97-5eeacce69cdcc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=68875
accept-ranges: bytes
content-length: 134807
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 03:26:32 GMT

GET
H2 200 slide_1_1_2_bg_d.jpg
gemforex.com/assets/images/campaign/ 78 KB
79 KB 13ms
13ms Image
image/jpeg 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/slide_1_1_2_bg_d.jpg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

014f0d2243d9fcf7323aa1a3224a4123a037f9c69713864aeff12d732ac5d106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:09 GMT
etag: "a60eb6-138ca-5eeacce79b7f3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=49156
accept-ranges: bytes
content-length: 80074
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 21:57:53 GMT

GET
H2 200 slide_1_0_3_bg_d.jpg
gemforex.com/assets/images/campaign/ 172 KB
173 KB 18ms
18ms Image
image/jpeg 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/slide_1_0_3_bg_d.jpg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a06ccd41313c40221a3b8cc5bf6d7a82cf1c4ef4c3ea494570db54fe22055e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:19 GMT
etag: "a60edd-2b044-5eeaccf183583"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=63965
accept-ranges: bytes
content-length: 176196
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:04:42 GMT

GET
H2 200 slide_1_0_4_bg_d.jpg
gemforex.com/assets/images/campaign/ 102 KB
103 KB 11ms
11ms Image
image/jpeg 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/slide_1_0_4_bg_d.jpg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

a67fd145335463c342e2bafa86735b263664b47b758b41570defac041ac48628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:23 GMT
etag: "a60eeb-1991e-5eeaccf50dd2f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=24935
accept-ranges: bytes
content-length: 104734
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 15:14:12 GMT

GET
H2 200 campaign_bg_0.jpg
gemforex.com/assets/images/campaign/ 369 KB
370 KB 12ms
12ms Image
image/jpeg 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/campaign/campaign_bg_0.jpg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

c9a23c0e5ea24ac7b0aeb37b87dca8b47298905fb526ed86a5408ee32e0ce1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:19 GMT
etag: "a60edb-5c452-5eeaccf109083"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=62527
accept-ranges: bytes
content-length: 377938
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 01:40:44 GMT

GET
H2 200 entryarea_bg.png
gemforex.com/assets/images/common/ 182 KB
182 KB 10ms
10ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/entryarea_bg.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

30133215d1a4f8a81aadb67be095bb4364bea162e4ec11aaca5f16c57b33aee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:03 GMT
etag: "a60ea5-2d6ae-5eeacce203642"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=38735
accept-ranges: bytes
content-length: 186030
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 19:04:12 GMT

GET
H2 200 photo_ambassador.png
gemforex.com/assets/images/common/ 247 KB
247 KB 11ms
11ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/photo_ambassador.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/content.css?20230109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

176ee7e000917152c860ca7c3229ec275c80d863636b82d6ed0723c97b232831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/content.css?20230109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:33:59 GMT
etag: "a60e9a-3da8c-5eeaccde99234"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=63857
accept-ranges: bytes
content-length: 252556
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:02:54 GMT

GET
H2 200 footer_sitemap_bg.png
gemforex.com/assets/images/common/ 169 KB
170 KB 11ms
11ms Image
image/png 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/footer_sitemap_bg.png

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

d47c98a3049b3f8f51f537f2a96b82e44f4159b89ed743844ba70dc08b161caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 11 Jan 2023 04:58:08 GMT
etag: "2803c88-2a4f6-5f1f5d8b6a24d"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=65229
accept-ranges: bytes
content-length: 173302
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 02:25:46 GMT

GET
H3 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
12 KB 3ms
2ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 16:53:53 GMT
x-content-type-options: nosniff
age: 55484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 16:53:53 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.115.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 3ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06803c61efa22d5d12893d3f9e4e0fc6f77f410f1ce63c7f61d86465cf230fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 07:55:26 GMT
x-content-type-options: nosniff
age: 1391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:55:26 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.118.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 3ms
3ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fad25cd49ede74711b387dc8073f3b1633337cf96a9291aacd4e94ef95aec2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 18:51:41 GMT
x-content-type-options: nosniff
age: 394016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13592
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 18:51:41 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.116.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516cc4eea5031acbb2122130f0b20a9f89ac9fb3765d107af17450f4cf4a1099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 23:22:11 GMT
x-content-type-options: nosniff
age: 464186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12760
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:22:11 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.114.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25796ab38e87b5915b2f8254e153cfb44462fce3d223fe7a7391c3cfcf3e2393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 02:09:24 GMT
x-content-type-options: nosniff
age: 108553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11900
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:06:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 02:09:24 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.109.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e47305e8935941d6b89c042041a047f3909ada020fbe30917068ee03deaa24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 26 Jan 2023 15:12:39 GMT
x-content-type-options: nosniff
age: 579958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12296
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 15:12:39 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.92.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 9ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.92.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ae590bf246ecdc4f30335ffc27da5fae8bb4a0677bcce5d2b183944bb07ad37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 01:23:14 GMT
x-content-type-options: nosniff
age: 456923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16500
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 01:23:14 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.117.woff2
fonts.gstatic.com/s/notosansjp/v42/ 10 KB
10 KB 8ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ba69c11db1d4be0836acfb5abe76c32024507fe2573024d4db23983a0ae8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 15:14:22 GMT
x-content-type-options: nosniff
age: 493455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10016
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 15:14:22 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.101.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15237be3700d3c6cd67edf8cc4d30014defef6cfd9f0d69480ed5348c3cb3a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 01:17:33 GMT
x-content-type-options: nosniff
age: 457264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 01:17:33 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.115.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 8ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f11e80c202112b15c05d01ee2cd25338c9d59e7e04b07e131b7244c35006b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 02:45:52 GMT
x-content-type-options: nosniff
age: 451965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:06:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 02:45:52 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.112.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 9ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a5100062c3d105b249f1431146e02d23d1acbe5acc7567e1a6b17d1bd3269b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 14:45:33 GMT
x-content-type-options: nosniff
age: 495184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13176
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 14:45:33 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.111.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
15 KB 9ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c2194a7f98988f663ef20e0c5e55be10484af7b9473fc255f2cb858a15ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 03:20:38 GMT
x-content-type-options: nosniff
age: 17879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14840
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 03:20:38 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.113.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
13 KB 10ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183bb6ae6b109ce74e499809151ae8dd4a15f0b2ac8b85576b3235ffc994db3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 05:28:13 GMT
x-content-type-options: nosniff
age: 183024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12784
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 05:28:13 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.108.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 10ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ad37bed7a0f2d557c99a7e5d82d29a1e528981971fbc5068735138e29e3fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 17:43:17 GMT
x-content-type-options: nosniff
age: 138920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16000
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 17:43:17 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.103.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 10ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c767b0d6780291d4f537cc3d96727bee9e4b58b8825963d85ef30fedf1d4cf64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 04:57:32 GMT
x-content-type-options: nosniff
age: 12065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 04:57:32 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.97.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 11ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.97.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

542aa608eb68aac92a8ea22fb98f5d8f4fa4859a4f1371659a3311d856f23d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 01:10:37 GMT
x-content-type-options: nosniff
age: 457680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15184
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 01:10:37 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.86.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 13ms
10ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.86.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92afda6f8132a600a974c39fbed5abfa5011575f8a89a439bdcf2dc90d0e50f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 22:57:56 GMT
x-content-type-options: nosniff
age: 379241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15212
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 22:57:56 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.110.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 14ms
11ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ffbf54c595b540cea844fb2d3a12b341cd179147afca6e240824d9ba644ba98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 00:35:12 GMT
x-content-type-options: nosniff
age: 459805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13592
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 00:35:12 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.89.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 11ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.89.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ed654093e0dd46141985d0e466cc7c02c6d504203cd994e520446868311e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 16:41:39 GMT
x-content-type-options: nosniff
age: 142618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15680
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:55:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:41:39 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.105.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 10ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bbb24dbbcf74958618e58450a6b2291474f5ad9c6712a6772cec2109a19b034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 13:29:29 GMT
x-content-type-options: nosniff
age: 413348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14504
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 13:29:29 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.102.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 10ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.102.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644d85902b41af23422786132e55e8d8ec44a04121200dbdf5541b507039cb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 17:07:41 GMT
x-content-type-options: nosniff
age: 486656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15288
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 17:07:41 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.112.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 13ms
10ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59e1cf45de10091552f94b23234ca14086dfc0846edeefa21daae829ea33e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 13:12:49 GMT
x-content-type-options: nosniff
age: 68748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12868
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 13:12:49 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.92.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 12ms
9ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.92.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19eecd7c292339bfbd71fdf0628a287d714bf340ef078706fc3c4fe5a50869f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 03:19:32 GMT
x-content-type-options: nosniff
age: 17945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15964
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 03:19:32 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.103.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 12ms
9ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

044586c804b27862033465bc309b628e6bbcdcf7c0cb8737f3bbc7c79bd81e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sun, 29 Jan 2023 23:03:02 GMT
x-content-type-options: nosniff
age: 292535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14068
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:03:02 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.111.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 10ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ac8257ecaf66fb2a8a377dccba0fc5a609b2cf58e8c8a1fb80c590fc600029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 01:23:13 GMT
x-content-type-options: nosniff
age: 456924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14240
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 01:23:13 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.109.woff2
fonts.gstatic.com/s/notosansjp/v42/ 12 KB
12 KB 15ms
13ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7a1d2d2a3fcacb73dce9dd879fa0e959268e323f6d01b931f2bff612cb71483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 11:27:57 GMT
x-content-type-options: nosniff
age: 75040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12196
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 11:27:57 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.97.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 14ms
12ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.97.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022892579716c5bc07633f83b69035c2467de026c99283d8bfe33a4a03ff8d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 13:53:15 GMT
x-content-type-options: nosniff
age: 152722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14952
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 13:53:15 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.94.woff2
fonts.gstatic.com/s/notosansjp/v42/ 17 KB
17 KB 13ms
12ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.94.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cfa69f7f23642aa1be31f5350871e4c999047004e4d3428a46dbbb8fcdbfa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 23:29:01 GMT
x-content-type-options: nosniff
age: 463776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17160
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 23:29:01 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.104.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0ea3789c7912ae25b0ec5a33da8f6b6a91546746c95252cd90453f02ad1ce36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 26 Jan 2023 09:24:50 GMT
x-content-type-options: nosniff
age: 600827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:24:50 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.104.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74feff8048289b0b212e91f749228e4adf90f61225c27cf84037faab04d57e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 22:57:52 GMT
x-content-type-options: nosniff
age: 120045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14452
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:57:52 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.101.woff2
fonts.gstatic.com/s/notosansjp/v42/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f39c8c62cf13a41845f698574b519cb86764f33488dec60b7a110c45a328649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 01:10:14 GMT
x-content-type-options: nosniff
age: 457703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13604
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:08:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 01:10:14 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.76.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.76.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0184efe2b63acfb96979838c5763322a234f6ac2166cc6d72c5671795d72412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 13:53:26 GMT
x-content-type-options: nosniff
age: 152711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15292
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:06:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 13:53:26 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.86.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.86.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03dcfbce3791beabb72ba13efe200346d765e5a0ddf5da4ead4346c27dc369ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 16:45:41 GMT
x-content-type-options: nosniff
age: 142376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14564
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:06:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 16:45:41 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.105.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622bb511c1a03c30b4cf2e37aefaa9aed8f375f1b82dc7b8d6cb176e116b4e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 10:35:06 GMT
x-content-type-options: nosniff
age: 423811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14140
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 10:35:06 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.106.woff2
fonts.gstatic.com/s/notosansjp/v42/ 18 KB
18 KB 10ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

841aec656e77af6c164eecdaf3cac3285130c3e5789400f7ed53dcccbc22bd28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 02:43:04 GMT
x-content-type-options: nosniff
age: 106533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18636
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 02:43:04 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.107.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 9ms
5ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc29ff9026f4db4d334bacfe23755345f1043db3d877bc7c38ea31a83d65099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 04:09:36 GMT
x-content-type-options: nosniff
age: 14941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14128
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 04:09:36 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.89.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 11ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.89.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e63b92cdf7bdb689f4c57444c7798eadea5d966d3020504e7c4bd1cb622c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 22:24:37 GMT
x-content-type-options: nosniff
age: 122040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 22:24:37 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.107.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 11ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2902807a8f5cbe04ed185288d3288180e399dc2a371e80f0540f0df02b9daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 13:29:09 GMT
x-content-type-options: nosniff
age: 413368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13880
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 13:29:09 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.98.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 203ms
200ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.98.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e23b1e49406a0130fd6d9edddd6aac23b89ea92d4860acf0fa564c07be3665f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Wed, 01 Feb 2023 00:03:37 GMT
x-content-type-options: nosniff
age: 116100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15388
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 00:03:37 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.106.woff2
fonts.gstatic.com/s/notosansjp/v42/ 18 KB
18 KB 11ms
9ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

018cef243f8bdf2d3ad75cb619a6ebe28f8e5a8ce51f003fdcb4d1a4566a93c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 01:18:05 GMT
x-content-type-options: nosniff
age: 457232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18112
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:13:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 01:18:05 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.95.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 10ms
9ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.95.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16ed2c67cb471820cca86dd3bf38a3bff2696995be7b0b47a5d1a38651fd75de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Tue, 31 Jan 2023 13:53:15 GMT
x-content-type-options: nosniff
age: 152722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15136
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:08:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 13:53:15 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.96.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 9ms
9ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.96.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239e54480c058fac6ca82ddab4a8bc780eb0e52f015a4c9ea29bbb5503b33618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 26 Jan 2023 12:22:22 GMT
x-content-type-options: nosniff
age: 590175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16696
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 12:22:22 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.88.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 11ms
11ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.88.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7715babe1f8bdc288618b99854d494552d589a5d791b23ecd71b0849659488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Mon, 30 Jan 2023 15:58:18 GMT
x-content-type-options: nosniff
age: 231619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:08:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:58:18 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.98.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.98.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa78afcdd826b804e6f5750f35a9b3f6d009b31c4ef20adf46ddcd77df728303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 13:34:35 GMT
x-content-type-options: nosniff
age: 413042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15540
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:17:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 13:34:35 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.93.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.93.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d77c7d6f0a4ea275b7014a9e46f790db810b23632928e3f3185adf445a8621cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 26 Jan 2023 16:52:08 GMT
x-content-type-options: nosniff
age: 573989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14912
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:55:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 16:52:08 GMT

GET
H3 200 -F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.91.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F6pfjtqLzI2JPCgQBnw7HFQei0q1xVxjfp_dakBof6Bs-tb3ab2FNISVac.91.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df6fe966ea06bce2d8fbfe323865ed0a70338a3a68f268cd691d31e6821b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sat, 28 Jan 2023 22:58:11 GMT
x-content-type-options: nosniff
age: 379226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16796
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:55:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 22:58:11 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.93.woff2
fonts.gstatic.com/s/notosansjp/v42/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.93.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04237c4a5327628489ae6fb113e031d94d5629e818306d84de3fee8d1854b186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Mon, 30 Jan 2023 21:03:16 GMT
x-content-type-options: nosniff
age: 213321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14368
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 21:03:16 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.84.woff2
fonts.gstatic.com/s/notosansjp/v42/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.84.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fed07219b4cbb410f7cd9379c1536dc15676c2515db015032c6197df12db40e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 03:18:54 GMT
x-content-type-options: nosniff
age: 17983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15596
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:06:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 03:18:54 GMT

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.99.woff2
fonts.gstatic.com/s/notosansjp/v42/ 16 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v42/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.99.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@400;700&family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

880d2495792a7131d8b1c10a27e04c94cf47ae2fef49e8a3c427163eda6ef5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sun, 29 Jan 2023 07:58:55 GMT
x-content-type-options: nosniff
age: 346782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16528
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:07:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:58:55 GMT

GET
H2 200 slick.woff
gemforex.com/fonts/ 1 KB
2 KB 12ms
12ms Font
text/plain 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gemforex.com/fonts/slick.woff

Requested by

Host: gemforex.com
URL: https://gemforex.com/CSS/base_20200109_min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

f89651cc1b698bbc1e3227d085feec82dcabaaecb320930941499cc93c119c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gemforex.com/CSS/base_20200109_min.css
Origin: https://gemforex.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Thu, 14 Sep 2017 06:19:37 GMT
etag: "bc0fcc-564-5592042bd3c37"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
cache-control: max-age=52705
accept-ranges: bytes
content-length: 1343
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 22:57:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 13ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 08:18:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SBLTjokLhbwenQ/Z480lBXjCx7plJhG+JjlHlpCoiQj3l3npMB8tfVJiTgFCJKlCbEbPe8e+oHXhji7Eb7J5oQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel2.js Show response
cd.ladsp.com/script/ 3 KB
2 KB 62ms
3ms Script
text/javascript 143.204.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script/pixel2.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-122-53.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ab85f3707da9c4d63285a154e4dd7bba361d60d591aa27f49398b9647fda03a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sun, 29 Jan 2023 05:30:39 GMT
content-encoding: gzip
via: 1.1 293be128029c006d8495321ac10640b4.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 05:15:46 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1646630144/ctime:1646630144/gid:0/gname:root/md5:824fadaff9332d23a01ebbab4d680731/mode:33188/mtime:1646630144/uid:0/uname:root
x-amz-cf-pop: NRT20-C2
age: 355679
etag: "824fadaff9332d23a01ebbab4d680731"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
content-length: 1403
x-amz-cf-id: F6ZDssgjJw38rrIyDiCQ3bSky7SH0vHoK5f-7UwOWz0JDXOWdgriYw==

GET
H2 200 pixel2_p_delay.js Show response
cd.ladsp.com/script/ 4 KB
2 KB 62ms
4ms Script
text/javascript 143.204.122.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.ladsp.com/script/pixel2_p_delay.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.122.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-122-53.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424da953a071c56f6274ec5303ae946f2f3f3988be32355b2e2cc72c84ca573c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Sun, 29 Jan 2023 05:08:33 GMT
content-encoding: gzip
via: 1.1 293be128029c006d8495321ac10640b4.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jan 2020 06:07:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 357005
etag: "8e7236b47efc360b4a530840d0ad9dc2"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
content-length: 1719
x-amz-cf-id: 9Qe38UAZ1YaC83l7LTAApBw5JXbYFsnx6InjI40yiA24r3iMAJeUpg==

GET
H/1.1 200
OK cookie_js.php Show response
ac.miraku.work/fpc/ 9 KB
10 KB 21ms
6ms Script
application/javascript 210.152.82.21
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.miraku.work/fpc/cookie_js.php?scriptId=afadfpc-e925a889a31e2W2agid172-1675325917648
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.152.82.21 Kitakyushu, Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: 210-152-82-21.candela.jp-east-2.compute.idcfcloud.net
Software: nginx /
Resource Hash: 12b74603ffc71b332267f7c7d5e6267438ed5940381dcc186e04f5ea74f3fe9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:37 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
am.yahoo.co.jp/rt/ 0
151 B 17ms
17ms Script
text/javascript 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://am.yahoo.co.jp/rt/?p=JIG85UX1AM&label=&ref=https%3A%2F%2Fgemforex.com%2Fcampaign.php&rref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&pt=&item=&cat=&price=&quantity=&r=1675325917.6919591&pvid=e91xsbqgwkqldmtsn7a&_impl=prev

Requested by

Host: b92.yahoo.co.jp
URL: https://b92.yahoo.co.jp/js/s_retargeting.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
x-content-type-options: nosniff
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 0
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 1;mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__ja.js Show response
www.google.com/cse/static/element/6cb65d33d738e8fe/ 305 KB
102 KB 5ms
4ms Script
text/javascript 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/6cb65d33d738e8fe/cse_element__ja.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=0542df4c57bc6d049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8ac7588ff614ada36eeecd3df86bb79fdc3243320d7e6e586dfe37758f297b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 01:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104116
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 19:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 02 Feb 2024 01:07:39 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/6cb65d33d738e8fe/ 41 KB
9 KB 3ms
3ms Stylesheet
text/css 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/6cb65d33d738e8fe/default+ja.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=0542df4c57bc6d049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 03:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 19:47:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 02 Feb 2024 03:56:38 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 4ms
3ms Stylesheet
text/css 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=0542df4c57bc6d049

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 02 Feb 2023 09:01:23 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10842515122/ 2 KB
1 KB 102ms
54ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10842515122/?random=1675325917772&cv=11&fst=1675325917772&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&auid=1529628732.1675325918&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10842515122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3073cb64d2ad234997c89abcb702172b71a73c887e8b2b071a682c35da80bbb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
www.google.co.jp/pagead/1p-conversion/10973676377/
Redirect Chain

https://www.google.com/pagead/1p-conversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.google...
https://www.google.co.jp/pagead/1p-conversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.goog...

43 B
519 B

93ms
48ms

Script
text/javascript

2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.co.jp/pagead/1p-conversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.google.com&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&value=0&bttype=purchase&auid=1529628732.1675325918&uamb=0&uaw=0&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-encoding: gzip
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-encoding: gzip
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/javascript; charset=UTF-8
location: https://www.google.co.jp/pagead/1p-conversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.google.com&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&value=0&bttype=purchase&auid=1529628732.1675325918&uamb=0&uaw=0&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/10973676377/ 42 B
534 B 89ms
54ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10973676377/?random=1675325917787&cv=11&fst=1675325917787&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wg1u0&u_w=1600&u_h=1200&label=47lHCPaQuNgDENmG1PAo&hn=www.google.com&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&value=0&bttype=purchase&auid=1529628732.1675325918&uamb=0&uaw=0&gcp=1&ct_cookie_present=1

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
b97.yahoo.co.jp/pagead/conversion/1000417749/ 42 B
710 B 85ms
66ms Image
image/gif 183.79.255.12
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b97.yahoo.co.jp/pagead/conversion/1000417749/?random=1675325917797&cv=9&fst=1675325917797&num=1&fmt=3&guid=ON&disvt=false&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.12 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:37 GMT
Content-Security-Policy: script-src 'none'; object-src 'none'
X-Content-Type-Options: nosniff
Age: 0
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 42
X-XSS-Protection: 0
Pragma: no-cache
Server: ATS
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 235706550252178 Show response
connect.facebook.net/signals/config/ 150 KB
41 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/235706550252178?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48c5bf5b1aab32b00b4973e2c971dd808a14b8fbceac94734607b6f299c33383

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 08:18:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42234
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /z6i+vNpMqlhjMh2cC9km6eqY7GDwIl8XZLjt5M+7H2q4UMp52ipuqE7eocT9zAuWvl3zBH+BkX3YAUOm7kCRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 382461245
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK param.min.js Show response
ac.miraku.work/fpc/ 3 KB
3 KB 6ms
5ms Script
application/javascript 210.152.82.21
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.miraku.work/fpc/param.min.js
Requested by: Host: ac.miraku.work
URL: https://ac.miraku.work/fpc/cookie_js.php?scriptId=afadfpc-e925a889a31e2W2agid172-1675325917648
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.152.82.21 Kitakyushu, Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: 210-152-82-21.candela.jp-east-2.compute.idcfcloud.net
Software: nginx /
Resource Hash: 4ef4a1ab45eb8fe022dfe326f50379ec3e9e5361c94f1f2df29f1cd317c4265c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:37 GMT
Last-Modified: Wed, 21 Dec 2022 04:31:12 GMT
Server: nginx
ETag: "63a28c10-ca3"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3235

GET
H2

200

pixel Show response
px.ladsp.com/
Redirect Chain

https://px.ladsp.com/pixel?advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F
https://px.ladsp.com/pixel?cr=true&advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F

1 KB
2 KB

6ms
5ms

Script
text/javascript

54.238.247.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ladsp.com/pixel?cr=true&advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Server: 54.238.247.89 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-247-89.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 0bb236855a0fdd68003e72fcf27a3ca8712d786ac6d663d3da72bc78857f11aa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
cache-control: private, no-store, no-cache, must-revalidate
expires: -1
server: Logicad
content-type: text/javascript;charset=utf-8

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
server: Logicad
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://px.ladsp.com/pixel?cr=true&advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F
content-type: text/html;charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate
content-length: 0
expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 37ms
37ms XHR
text/plain 2404:6800:4004:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=466822730&t=pageview&_s=1&dl=https%3A%2F%2Fgemforex.com%2Fcampaign.php&dr=https%3A%2F%2Fsyndication.optimizesrv.com%2F&ul=en-us&de=UTF-8&dt=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1855155311&gjid=1295462000&cid=2092766933.1675325918&tid=UA-43873734-4&_gid=1112623721.1675325918&_r=1&_slc=1&z=340147102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gemforex.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gemforex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 3ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 08:18:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tLK/qV0hQLOgcCXmmkpAjDPcc7U9QbjpKMCNlpOXXzNqAUT42vHwf40XnCVC0R43GJ7KYPc+dC+Anie1nayNEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10842515122/ 42 B
64 B 46ms
45ms Image
image/gif 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10842515122/?random=1675325917772&cv=11&fst=1675324800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=92947073&rmt_tld=0&ipr=y

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/10842515122/ 42 B
119 B 44ms
43ms Image
image/gif 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/10842515122/?random=1675325917772&cv=11&fst=1675324800000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&tiba=%E6%96%B0%E8%A6%8F%E5%8F%A3%E5%BA%A7%E9%96%8B%E8%A8%AD%E3%83%9C%E3%83%BC%E3%83%8A%E3%82%B9%E3%82%AD%E3%83%A3%E3%83%B3%E3%83%9A%E3%83%BC%E3%83%B3%EF%BD%9CGEMFOREX&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=92947073&rmt_tld=1&ipr=y

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html Show response
js.octopuspop.com/view/ Frame ADA2 1 KB
1 KB 2ms
1ms Document
text/html 2400:52e0:1501::1064:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://js.octopuspop.com/view/ls.html
Requested by: Host: js.octopuspop.com
URL: https://js.octopuspop.com/precv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1064:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1064 /
Resource Hash: 926a6b056e2327668477b0e0879783844a326955121cc69d9ba5f4ede4d4fd6f

Request headers

Referer: https://gemforex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 01/30/2023 08:26:28
cdn-edgestorageid: 1061
cdn-proxyver: 1.03
cdn-pullzone: 96923
cdn-requestcountrycode: JP
cdn-requestid: 88921bcf53016238f45339e1aecd1716
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 992570b6-4484-4f25-abcf-0615ee0f47cb
content-encoding: br
content-type: text/html
date: Thu, 02 Feb 2023 08:18:37 GMT
etag: W/"edfc2e8968bce09f9e7feef6ced5f59a"
last-modified: Mon, 30 Jan 2023 06:11:03 GMT
server: BunnyCDN-JP1-1064
vary: Accept-Encoding
x-amz-id-2: jkdHk+626HCHBjXhJqzwaT0F2Jm1TJd31SK0QzvKHEI2520iNR8heMZDIFazp9hlNjGd+gL8XH8=
x-amz-request-id: WDRSZT74RSFNQGWT

GET
H/1.1 200
OK cookie.js Show response
ac.afi-thor.com/ck/c697f70c945f834e/ 56 KB
56 KB 25ms
11ms Script
application/javascript 203.137.177.25
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://ac.afi-thor.com/ck/c697f70c945f834e/cookie.js
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.137.177.25 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: 203-137-177-25.jp-east-2.compute.idcfcloud.com
Software: nginx /
Resource Hash: fa6ab34cb2275ffa374cbe2dc4d16731c938c93a309f90dec42648239c036b58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:37 GMT
Last-Modified: Wed, 14 Dec 2022 06:31:21 GMT
Server: nginx
ETag: "63996db9-e0f1"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57585

GET
H2 200 n Show response
rt.gsspat.jp/ Frame D19F 23 B
177 B 3ms
2ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/n?v=1
Requested by: Host: genieedmp.com
URL: https://genieedmp.com/dmp.js?c=6250&ver=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 94ea52aee62e98658e4284ace4468b1ed602c31651699e7bbc078918dae84bdf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 47ms
46ms Script
text/javascript 2404:6800:4004:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/6cb65d33d738e8fe/cse_element__ja.js?usqp=CAM%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c4ac386319341c7ea12c25b2b6a792a676164dcf0297aeac66564cca203b34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "16345307704952310926"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Feb 2023 08:18:37 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 4ms
3ms Image
image/png 2404:6800:4004:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/6cb65d33d738e8fe/default+ja.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80a::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/6cb65d33d738e8fe/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 27 Jan 2023 23:29:00 GMT
x-content-type-options: nosniff
age: 463777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 27 Jan 2024 23:29:00 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
117 B 55ms
2ms Image
text/plain 2404:6800:4004:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:812::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 54ms
2ms Image
text/plain 2404:6800:4004:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 1658870547700028 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 5ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1658870547700028?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4520328588c694c8d58f01cbc7e8b4c1ff6fabb6825532c84ffd87a31346cd99

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 Feb 2023 08:18:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110213
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: H1sSuG8YJSSNDGUfOVf5afjH8Gllfu8Lh7lChr4tMnvJx4oU/YJEMdSpzxVqt8QpfFqbpmcgMoLMjXHFPHGUzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 11ms
3ms Image
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=235706550252178&ev=PageView&dl=https%3A%2F%2Fgemforex.com%2Fcampaign.php&rl=https%3A%2F%2Fsyndication.optimizesrv.com%2F&if=false&ts=1675325917979&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=28&fbp=fb.1.1675325917978.1301181762&it=1675325917859&coo=false&rqm=GET

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 08:18:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ico_nav_tw_k.svg
gemforex.com/assets/images/common/ 599 B
816 B 88ms
87ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_nav_tw_k.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

7b19fb29285618a4cc2daef3d34cc16f3d258ddf25c35e0b42be41565ddcb3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: Nosniff
last-modified: Wed, 30 Nov 2022 09:34:01 GMT
etag: "a60e9e-257-5eeacce024652"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 599
x-xss-protection: 1; mode=block

GET
H2 200 ico_nav_lang_k.svg
gemforex.com/assets/images/common/ 3 KB
1 KB 93ms
93ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_nav_lang_k.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a4009d426ca81e3d7ed8704a220b9bacc4dfe95eb13c35c07397c82c02ead4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:34:05 GMT
etag: "a60ead-b73-5eeacce41a4b6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1293
x-xss-protection: 1; mode=block

GET
H2 200 ico_nav_login_k.svg
gemforex.com/assets/images/common/ 1 KB
771 B 96ms
95ms Image
image/svg+xml 23.45.50.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemforex.com/assets/images/common/ico_nav_login_k.svg

Requested by

Host: gemforex.com
URL: https://gemforex.com/assets/css/base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.50.243 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-50-243.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea375faa4638d81760f881768e150b4752ed092de72fd78d236d38acbf0e4f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	Nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/assets/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
x-content-type-options: Nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 30 Nov 2022 09:34:02 GMT
etag: "a60ea2-449-5eeacce118c69"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 534
x-xss-protection: 1; mode=block

GET
H2 200 m Show response
rt.gsspat.jp/ Frame D19F 2 KB
484 B 7ms
6ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/m?cid=6250&loc=https%3A%2F%2Fgemforex.com%2Fcampaign.php&ref=https%3A%2F%2Fsyndication.optimizesrv.com%2F&dmp_v=2&cvars=
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 6ab21120a50a87b178e227b2dd45a26e1cee8d3f440d19850d80cbe8498eff01

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 cs
rt.gsspat.jp/yie/ld/ Frame D19F 43 B
238 B 6ms
6ms Image
image/gif 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt.gsspat.jp/yie/ld/cs?dspid=lamp
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: image/gif
date: Thu, 02 Feb 2023 08:18:37 GMT
server: nginx
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 iframe Show response
um.ladsp.com/match/ Frame 38DF 5 KB
5 KB 56ms
7ms Document
text/html 143.204.126.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-45.nrt20.r.cloudfront.net
Software: Logicad /
Resource Hash: 03e97d50f8a7713f99085c0327b5e2eea9faf72008a427562cc78c3009d559c3

Request headers

Referer: https://gemforex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
expires: -1
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 3ed49104d7c94fa12d28825f6707b028.cloudfront.net (CloudFront)
x-amz-cf-id: xJmOJD5xxX1ZjQSKfB8orAriGd0ppfpIpOecNRGo13kCc3hHfUZt0Q==
x-amz-cf-pop: NRT20-C2
x-cache: Miss from cloudfront

GET
H2 200 iframe Show response
um.ladsp.com/match/ Frame 14A7 5 KB
5 KB 63ms
14ms Document
text/html 143.204.126.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Requested by: Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00015439&su=2&site_url=https%3A%2F%2Fgemforex.com%2Fcampaign.php&referer=https%3A%2F%2Fsyndication.optimizesrv.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-45.nrt20.r.cloudfront.net
Software: Logicad /
Resource Hash: 14af3654a378d80322de0d39af26cd18c1f04eab78b1d0e162d0a16681115199

Request headers

Referer: https://gemforex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-type: text/html;charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
expires: -1
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 3ed49104d7c94fa12d28825f6707b028.cloudfront.net (CloudFront)
x-amz-cf-id: UDH-7OL_C6cBdyLfErp3aGLrC4FjhIgGIzm1YXKRp2XG-M2pGVxrCQ==
x-amz-cf-pop: NRT20-C2
x-cache: Miss from cloudfront

GET
H2 200 g Show response
rt.gsspat.jp/ Frame D19F 256 B
344 B 4ms
3ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/g?rtid=57443&j=1
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 5acdc04cafd138ececddb327370a564b7ecb0a9722c5168d860119e5e18475a9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 g Show response
rt.gsspat.jp/ Frame D19F 256 B
344 B 3ms
2ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/g?rtid=57444&j=1
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: ecc0450b6f29ed6974f6e49ee5ac8e34b106bdabdeca7ca4595f89cf466a9706

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 g Show response
rt.gsspat.jp/ Frame D19F 256 B
344 B 4ms
3ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/g?rtid=57451&j=1
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: a970353bce58bc0d8ffe4ab5dc2f4343c3921814a8ad2979150bcac157f7d75e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 g Show response
rt.gsspat.jp/ Frame D19F 256 B
344 B 4ms
4ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/g?rtid=58203&j=1
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 015531b1900e45a116f6e17acdba5b9486444fb160dcce18f1d52ecfc7b18a82

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 g Show response
rt.gsspat.jp/ Frame D19F 256 B
344 B 3ms
3ms Script
text/javascript 222.230.178.33
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.gsspat.jp/g?rtid=58415&j=1
Requested by: Host: trac.adspop.me
URL: https://trac.adspop.me/oS92lgXPP?pop=0KsAUJeTLw30StVZMgdR3g%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.230.178.33 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: b92cb0a22ec331856f234ffd906f336f47d9010f0820e9f9a80f271b989d40e2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 02 Feb 2023 08:18:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 3ms
2ms Image
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658870547700028&ev=PageView&dl=https%3A%2F%2Fgemforex.com%2Fcampaign.php&rl=https%3A%2F%2Fsyndication.optimizesrv.com%2F&if=false&ts=1675325918043&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675325917978.1301181762&it=1675325917859&coo=false&rqm=GET

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 Feb 2023 08:18:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK rt.js Show response
dmp.im-apps.net/sdk/ Frame D19F 829 B
932 B 9ms
2ms Script
application/javascript 2600:140b:2::172c:3392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/rt.js
Requested by: Host: rt.gsspat.jp
URL: https://rt.gsspat.jp/g?rtid=57443&j=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2::172c:3392 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce28a4ca77a107d737c54d6361ca190d02d0a3baa2399c4df762d45dc5a07203

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

x-amz-version-id: SVFZRtOx9kTLsS19YO_X9.HimG0MDCYB
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 08:18:38 GMT
Last-Modified: Wed, 01 Dec 2021 06:50:38 GMT
ETag: "6d55b46cb4f9634a8abe05b0a622b019"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=3600
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 495

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ Frame D19F 6 KB
3 KB 2ms
2ms Script
application/javascript 2600:140b:2::172c:3392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/rt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:2::172c:3392 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 08:18:38 GMT
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2442

GET
H/1.1 200
OK get Show response
audiencedata.im-apps.net/imuid/ Frame D19F 28 B
318 B 88ms
13ms XHR
application/json 2600:140b:400::172d:3323
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01GR8K9JVQSDCQTVZ4XWKBG2MH
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:400::172d:3323 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 823b097c1ec66c62a20ec373c757c6b3383f424d3a0fdd1694ecfb485409e0df

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://gemforex.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 48

GET
H2

200

google
px.ladsp.com/match/ Frame 38DF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02
https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESEJwT2bFlEiW98nngiU3PPKo&google_cver=1

43 B
377 B

5ms
5ms

Image
image/gif

54.238.247.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESEJwT2bFlEiW98nngiU3PPKo&google_cver=1
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Server: 54.238.247.89 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-247-89.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
server: Logicad
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESEJwT2bFlEiW98nngiU3PPKo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 38DF
Redirect Chain

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ

43 B
106 B

42ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 38DF 42 B
269 B 24ms
3ms Image
image/gif 103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 08:18:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 38DF
Redirect Chain

https://ib.adnxs.com/setuid?entity=276&code=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ

43 B
1 KB

214ms
109ms

Image
image/gif

104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ

Requested by

Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn

Protocol

HTTP/1.1

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 08:18:38 GMT
AN-X-Request-Uuid: 54a8dfce-f5cc-48ca-a7d9-babd4e8d126e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.252.172; 217.138.252.172; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 08:18:38 GMT
AN-X-Request-Uuid: a99ffcfa-6517-4b8f-8758-fc94b55d228e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.252.172; 217.138.252.172; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hs
s-cs.send.microad.jp/ Frame 38DF 43 B
550 B 63ms
3ms Image
image/gif 202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=logicad_2&id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLfg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
content-type: image/gif
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

GET
H2 200 /
sync.ad-stir.com/ Frame 38DF 43 B
358 B 56ms
4ms Image
image/gif 13.230.11.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=LOGICAD&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.230.11.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-11-0.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cs
y.one.impact-ad.jp/ Frame 38DF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcg
https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLcg
https://y.one.impact-ad.jp/cs?d=105&uid=74b925c1-9f1e-47c4-98d5-5e4955e6f340&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=

11 B
218 B

459ms
3ms

Image
text/html

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y.one.impact-ad.jp/cs?d=105&uid=74b925c1-9f1e-47c4-98d5-5e4955e6f340&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: //y.one.impact-ad.jp/cs?d=105&uid=74b925c1-9f1e-47c4-98d5-5e4955e6f340&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
Date: Thu, 02 Feb 2023 08:18:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 38DF 42 B
773 B 433ms
106ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=AeDQNIZ4hJpXks8AD1OPZ7Am5hA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8879d63542e1f07dd8e6d691f6d521da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssl.socdm.com/rtb/ Frame 38DF 43 B
831 B 307ms
7ms Image
image/gif 202.241.208.55
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.55 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 02 Feb 2023 08:18:38 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=12","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.172","key":"Y9tx3sCo5tIAAF9EKD4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40265"}
X-SO-Key: Y9tx3sCo5tIAAF9EKD4AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40265
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40265.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: a-tgng40014.dc2p.scaleout.jp
X-SO-IP: 217.138.252.172

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55978/ Frame 38DF
Redirect Chain

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhQ
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhQ&verify=true

0
17 B

8ms
8ms

Image
text/plain

13.115.198.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhQ&verify=true

Requested by

Protocol

Server

13.115.198.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-115-198-155.ap-northeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhQ&verify=true
date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 /
cs.adingo.jp/sync/ Frame 38DF 43 B
410 B 17ms
5ms Image
image/gif 54.92.23.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.23.157 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-23-157.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 /
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame 38DF 0
230 B 646ms
48ms Image
text/plain 141.226.231.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLiw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47293

GET
H/1.1 200
OK cookiesync
ad.caprofitx.adtdp.com/v1/ Frame 38DF 35 B
600 B 245ms
4ms Image
image/gif 13.113.86.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.caprofitx.adtdp.com/v1/cookiesync?logicad_uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.86.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-86-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Server: nginx
X-Trace-Token: 23ff20e8689c-5769221
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 cs
cs.gssprt.jp/yie/ld/ Frame 38DF 43 B
446 B 17ms
4ms Image
image/gif 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=AeDQNIZ4hJpXks8AD1OPZ7Am5hw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 38DF 0
0 456ms
115ms Image
application/json 38.133.127.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=logicad&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLkA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

GET
H2 200 sync.ad
sp.gmossp-sp.jp/ads/ Frame 38DF 43 B
458 B 20ms
9ms Image
image/gif 35.201.98.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLkg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.98.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.98.201.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 17398c4e70544c80cc0b4940ecf99603
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 02 Feb 2023 09:18:38 GMT

GET
H/1.1 200 cs
discoveryplus.popin.cc/popin_discovery/ Frame 38DF 35 B
469 B 18ms
4ms Image
image/gif 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 38DF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlQ
https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlQ&__user_check__=1&sync_id=3213bead-a2d2-11ed-b9e8-1457a7f90407

43 B
607 B

70ms
69ms

Image
image/gif

103.71.26.126
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlQ&__user_check__=1&sync_id=3213bead-a2d2-11ed-b9e8-1457a7f90407
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Server: 103.71.26.126 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
Date: Thu, 02 Feb 2023 08:18:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 77
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlQ&__user_check__=1&sync_id=3213bead-a2d2-11ed-b9e8-1457a7f90407
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 34
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
as.amanad.adtdp.com/v1/ Frame 38DF 42 B
801 B 19ms
5ms Image
image/gif 13.32.50.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.amanad.adtdp.com/v1/sync?dsp_id=29&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.50.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-50-107.nrt57.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 9063af643f5f74dbc0e44494f142a87e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: NRT57-C1
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
x-amz-cf-id: b950TL6VhioVORW1lltXaLcYobVzApPYWdcOXHPdJJdM25pZvba8rQ==
content-length: 42
x-xss-protection: 0
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2

200

google
px.ladsp.com/match/ Frame 14A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02
https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESELOPuNzmVgWto4aoP5UmUBs&google_cver=1

43 B
377 B

6ms
5ms

Image
image/gif

54.238.247.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESELOPuNzmVgWto4aoP5UmUBs&google_cver=1
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Server: 54.238.247.89 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-247-89.ap-northeast-1.compute.amazonaws.com
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
server: Logicad
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://px.ladsp.com/match/google?logicad_uid=AeDQNIZ4hJpXks8AD1OPZ7Am5sA&svid=02&google_gid=CAESELOPuNzmVgWto4aoP5UmUBs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 14A7
Redirect Chain

https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

43 B
180 B

42ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 14A7 42 B
419 B 19ms
3ms Image
image/gif 103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 02 Feb 2023 08:18:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 14A7
Redirect Chain

https://ib.adnxs.com/setuid?entity=276&code=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

43 B
1 KB

302ms
236ms

Image
image/gif

104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

Requested by

Protocol

HTTP/1.1

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 08:18:38 GMT
AN-X-Request-Uuid: 24f0fa91-66aa-420e-844c-816e6ccd9d64
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.252.172; 217.138.252.172; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Feb 2023 08:18:38 GMT
AN-X-Request-Uuid: 1fcc150d-d266-4ff0-a407-95e6af6c6672
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.252.172; 217.138.252.172; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hs
s-cs.send.microad.jp/ Frame 14A7 43 B
551 B 58ms
3ms Image
image/gif 202.233.84.8
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-cs.send.microad.jp/hs?k=logicad_2&id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLhg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
content-type: image/gif
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

GET
H2 200 /
sync.ad-stir.com/ Frame 14A7 43 B
357 B 52ms
4ms Image
image/gif 13.230.11.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=LOGICAD&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 13.230.11.0 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-11-0.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cs
y.one.impact-ad.jp/ul_cb/ Frame 14A7
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
https://y.one.impact-ad.jp/cs?d=105&uid=&tg=1&et=30&r=no&bsw_dsp_id=102&bsw_dsp_uuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=&tg=1&et=30&r=no&bsw_dsp_id=102&bsw_dsp_uuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ

11 B
218 B

9ms
3ms

Image
text/html

35.213.109.249
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=&tg=1&et=30&r=no&bsw_dsp_id=102&bsw_dsp_uuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Server: 35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 249.109.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 11
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=&tg=1&et=30&r=no&bsw_dsp_id=102&bsw_dsp_uuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
Date: Thu, 02 Feb 2023 08:18:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 14A7 42 B
773 B 441ms
110ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=AeDQNIZ4hJpXks8AD1OPZ7Am5hA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK sync
ssl.socdm.com/rtb/ Frame 14A7 43 B
825 B 303ms
7ms Image
image/gif 202.241.208.55
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.55 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 02 Feb 2023 08:18:38 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=12","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.172","key":"Y9tx3sCo5ugAAAXX8gwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad204"}
X-SO-Key: Y9tx3sCo5ugAAAXX8gwAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad204
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad204.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: a-tgng40017.dc2p.scaleout.jp
X-SO-IP: 217.138.252.172

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55978/ Frame 14A7
Redirect Chain

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjA
https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjA&verify=true

0
121 B

8ms
8ms

Image
text/plain

13.115.198.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjA&verify=true

Requested by

Protocol

Server

13.115.198.155 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-115-198-155.ap-northeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55978/sync?_origin=1&gdpr=0&gdpr_consent=&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjA&verify=true
date: Thu, 02 Feb 2023 08:18:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 /
cs.adingo.jp/sync/ Frame 14A7 43 B
409 B 20ms
7ms Image
image/gif 54.92.23.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=logicad&id=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.23.157 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-92-23-157.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 /
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame 14A7 0
229 B 647ms
50ms Image
text/plain 141.226.231.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLkg
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47293

GET
H/1.1 200
OK cookiesync
ad.caprofitx.adtdp.com/v1/ Frame 14A7 35 B
601 B 250ms
4ms Image
image/gif 13.113.86.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.caprofitx.adtdp.com/v1/cookiesync?logicad_uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlA
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.113.86.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-86-10.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Server: nginx
X-Trace-Token: d8c8eacd543b-47329800
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 cs
cs.gssprt.jp/yie/ld/ Frame 14A7 43 B
445 B 17ms
5ms Image
image/gif 222.230.178.129
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=AeDQNIZ4hJpXks8AD1OPZ7Am5hw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.129 Asahikawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 14A7 0
0 458ms
116ms Image
application/json 38.133.127.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=logicad&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

GET
H2 200 sync.ad
sp.gmossp-sp.jp/ads/ Frame 14A7 43 B
333 B 24ms
12ms Image
image/gif 35.201.98.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLmQ
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.98.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.98.201.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 6cef012b55dc68a668fdcf4f8232b56c
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 02 Feb 2023 09:18:38 GMT

GET
H/1.1 200 cs
discoveryplus.popin.cc/popin_discovery/ Frame 14A7 35 B
469 B 17ms
3ms Image
image/gif 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLmw
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 14A7
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA
https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA&__user_check__=1&sync_id=3214d4fa-a2d2-11ed-8154-1ff8a4d40207

43 B
607 B

73ms
73ms

Image
image/gif

103.71.26.126
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA&__user_check__=1&sync_id=3214d4fa-a2d2-11ed-8154-1ff8a4d40207
Requested by: Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_19_20_25_27_28_30_32_34_35_32000_42&ts=1675325917941&svid=54&stu=UF8lTWV1JkyYi3MNM-62VTrYTp4X9zWrZyqhmbMiizMK9hhyJ8EAgmJZev-6caWn
Protocol: HTTP/1.1
Server: 103.71.26.126 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
Date: Thu, 02 Feb 2023 08:18:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 92
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 02 Feb 2023 08:18:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=8750&img=1&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLnA&__user_check__=1&sync_id=3214d4fa-a2d2-11ed-8154-1ff8a4d40207
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
as.amanad.adtdp.com/v1/ Frame 14A7 42 B
802 B 19ms
5ms Image
image/gif 13.32.50.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.amanad.adtdp.com/v1/sync?dsp_id=29&uid=AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLow

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.50.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-50-107.nrt57.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://um.ladsp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

pragma: no-cache
date: Thu, 02 Feb 2023 08:18:38 GMT
via: 1.1 9063af643f5f74dbc0e44494f142a87e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: NRT57-C1
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
x-amz-cf-id: nsRzN25TDDdsmzW-LcViE8dXA4nxCGEvyexqzYps16oPoCbiZtK2Nw==
content-length: 42
x-xss-protection: 0
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 h.9e9547e9a05fb87c
b6.im-apps.net/3929/rt/58415/ Frame D19F 43 B
503 B 90ms
16ms Image
image/gif 2600:140b:1a00:d::17d2:1a36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b6.im-apps.net/3929/rt/58415/h.9e9547e9a05fb87c?vid=01GR8K9JVQSDCQTVZ4XWKBG2MH
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:d::17d2:1a36 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, max-age=3550
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
host: b6.im-apps.net
content-length: 43
content-type: image/gif

GET
H2 200 h.9e9547e9a05fb87c
b6.im-apps.net/3929/rt/57444/ Frame D19F 43 B
504 B 88ms
14ms Image
image/gif 2600:140b:1a00:d::17d2:1a36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b6.im-apps.net/3929/rt/57444/h.9e9547e9a05fb87c?vid=01GR8K9JVQSDCQTVZ4XWKBG2MH
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:d::17d2:1a36 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, max-age=3600
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
host: b6.im-apps.net
content-length: 43
content-type: image/gif

GET
H2 200 h.9e9547e9a05fb87c
b6.im-apps.net/3929/rt/57443/ Frame D19F 43 B
503 B 88ms
15ms Image
image/gif 2600:140b:1a00:d::17d2:1a36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b6.im-apps.net/3929/rt/57443/h.9e9547e9a05fb87c?vid=01GR8K9JVQSDCQTVZ4XWKBG2MH
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:d::17d2:1a36 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, max-age=3600
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
host: b6.im-apps.net
content-length: 43
content-type: image/gif

GET
H2 200 h.9e9547e9a05fb87c
b6.im-apps.net/3929/rt/58203/ Frame D19F 43 B
505 B 81ms
15ms Image
image/gif 2600:140b:1a00:d::17d2:1a36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b6.im-apps.net/3929/rt/58203/h.9e9547e9a05fb87c?vid=01GR8K9JVQSDCQTVZ4XWKBG2MH
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:d::17d2:1a36 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, max-age=3600
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
host: b6.im-apps.net
content-length: 43
content-type: image/gif

GET
H2 200 h.9e9547e9a05fb87c
b6.im-apps.net/3929/rt/57451/ Frame D19F 43 B
505 B 82ms
16ms Image
image/gif 2600:140b:1a00:d::17d2:1a36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b6.im-apps.net/3929/rt/57451/h.9e9547e9a05fb87c?vid=01GR8K9JVQSDCQTVZ4XWKBG2MH
Requested by: Host: gemforex.com
URL: https://gemforex.com/campaign.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:d::17d2:1a36 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gemforex.com/campaign.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Thu, 02 Feb 2023 08:18:38 GMT
cache-control: private, max-age=3600
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
host: b6.im-apps.net
content-length: 43
content-type: image/gif

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 70EA 0
17 B 2ms
2ms Document
text/plain 2a03:2880:f10f:187:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: gemforex.com
URL: https://gemforex.com/campaign.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:187:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://gemforex.com
Referer: https://gemforex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://gemforex.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 08:18:38 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.eabids.com
URL: https://static.eabids.com/data/bannerpools/112022/33840.gif

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
trac.adspop.me/	1969-12-31 23:59:59	Name: Adspopme Value: bcnlrv13s3v4etuhv1n66d5q4c
trac.adspop.me/	1969-12-31 23:59:59	Name: csrfToken Value: 6567a5cf1b000b3efaa191018a72547bc2055e5f05a8c5d83dcdec4d04a34a1f5c7ac12c349547a57836de9fa54c543ebfa698f7de96ee7a123d4d456e428173
trac.adspop.me/	1970-01-20 09:23:32	Name: visitor Value: Q2FrZQ%3D%3D.NzIzZmYyYTViNmY1NTY1ZTk1YzhkNzZiZDdmMDEyYjkxYmU1OGM5NDQzOTJiZjFmNTc5YzY2MDE5YTYwZTM4MYWAf0Z02Q6xdCRPrKpC4in3mBk3C4neFo0iE1DKxrqjbF4sZKtPGb0oPihznk3VoOKpyIep9EQyKROjUZZjD8aWI8eyfkbh5gtMIgKreAmJ
trac.adspop.me/	1969-12-31 23:59:59	Name: ab Value: 2
short.adnet.cash/	1969-12-31 23:59:59	Name: Adnetcash Value: 8sbjkb9ahc9jq6ciavl1og0o1i
short.adnet.cash/	1969-12-31 23:59:59	Name: csrfToken Value: 35b7a984f353e8416aa429e681973f0747901d21b160420c688dc4859ddd9070545ca652f42ef117e7c56d132188825f770f0c93a20ac28b5a4e7a8e8ee84925
short.adnet.cash/	1970-01-20 09:23:32	Name: visitor Value: Q2FrZQ%3D%3D.NGRiOTY1OGY0OTA1Y2JiMWNjYThjYzE1OWMwZjlhNDAzMjhkZDg2OWUxZTFmMWY2NjYxZGZkOWM0MTFjY2U1ZYfaXDb7CCaMijfTyO3w7CiYYH2pDPNftgTyOzeF7HRPtdEHOtd%2FI1qgeMcU%2Fet8kuM%2FzutYAe3MthFTUvpfs%2BuxORTE%2FVCABuwikDKH9wfV
short.adnet.cash/	1969-12-31 23:59:59	Name: ab Value: 2
.adnet.cash/	1970-01-20 18:58:05	Name: _ga Value: GA1.2.422270109.1675325913
.adnet.cash/	1970-01-20 09:23:32	Name: _gid Value: GA1.2.1811162682.1675325913
.adnet.cash/	1970-01-20 09:22:05	Name: _gat_gtag_UA_111790449_1 Value: 1
.optimizesrv.com/	1970-01-20 18:58:05	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263db71da739d97.999223812312166183%22%3B%7D
.optnx.com/	1970-01-20 18:58:05	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263db71dbbbddf5.967639092504940684%22%3B%7D
.optnx.com/	1970-01-20 09:23:32	Name: c-tag Value: %7B%22tag-link%22%3A%22v3%7C%7CJPN%7C3511125%7C77457108%7C0%7C%7C508%7C0%7C3%7C40%7C0%7C0%7C0%7C15547%7C1850144%7C1850147%7C0%7C0%7C13%7C4096%7C0%7C0%7C1%7C0%7C0%7C1%7C%7Cd522dc35bfe1d633e2e3da2534f786ae%7C745%7Cshort.adnet.cash%7C1600x1200%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _browser Value: 3
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _carrier Value: 99
ap.octopuspop.com/	1970-01-20 09:32:10	Name: _country Value: 110
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _uid Value: diuc04d8717018cab510f90087fda34f3a1
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _clicks Value: 6529%2C57222%2C44568%2C4931%2C1675325915%2Cdiux6e1f59398a5432010b9fca9e9bad3aa7
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _poptimes Value: %7B%2257222%22%3A%5B%5B1675347515%5D%2C%7B%224931%22%3A1675347515%7D%5D%7D
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _adpoptimes Value: %7B%2244568%22%3A1675325915%7D
ap.octopuspop.com/	1970-01-20 11:31:41	Name: _adtypes Value: %7B%2257222%22%3A1%7D
gemforex.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fjvc7gr580kqjdhds88sulae96
gemforex.com/	1970-01-20 10:05:17	Name: gemafcookie Value: 92920
gemforex.com/	1969-12-31 23:59:59	Name: IBMCLB-443-3f2123e0-ab14-4a19-9d66-d684414f355c Value: 79219a7d-1407-480e-a8fb-d49c07e493fe
.yahoo.co.jp/	1970-01-20 18:07:41	Name: XA Value: dk27h5thtmset&sd=B&t=1675325917&u=1675325917&v=1
.yahoo.co.jp/	1970-01-20 18:58:05	Name: XB Value: dk27h5thtmset&b=3&s=fd
.gemforex.com/	1970-01-20 18:58:05	Name: _ebtd Value: 1.osxhql4hh8.1675325918
.gemforex.com/	1970-01-20 11:31:41	Name: _gcl_au Value: 1.1.1529628732.1675325918
.gemforex.com/	1970-01-20 18:58:05	Name: _ga Value: GA1.2.2092766933.1675325918
.gemforex.com/	1970-01-20 09:23:32	Name: _gid Value: GA1.2.1112623721.1675325918
.gemforex.com/	1970-01-20 09:22:05	Name: _gat Value: 1
.ladsp.com/	1970-01-20 09:22:09	Name: cr Value: 1
.ladsp.com/	1970-01-20 18:58:05	Name: smn_uid Value: ClyzGPXdmBvEzrH_nZ_qKQ9Tj2ewJuY
.gemforex.com/	1970-01-20 11:31:41	Name: _fbp Value: fb.1.1675325917978.1301181762
.gsspat.jp/	1970-01-20 18:58:05	Name: gid Value: 6a7501c4e6b611e3f12859c96cd3bd02
.gemforex.com/	1970-01-20 10:05:17	Name: _im_vid Value: 01GR8K9JVQSDCQTVZ4XWKBG2MH
.ladsp.com/	1970-01-20 18:58:05	Name: lum Value: CPiW04nhMBIGCID6ARAYEgUIARCQARIFCBkQwAESBAgNEHgSAggOEgIIKhIFCAMQ8AESAggLEgIIDxICCBASAggREgIIExICCBQSAggbEgIIHBICCB4SAgggEgIIIhICCCMSBQgKEJAN
.adingo.jp/	1970-01-20 10:05:17	Name: logicad Value: AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLjQ
.ad-stir.com/	1970-01-20 18:07:41	Name: uid Value: 5e66b458-706e-4721-adef-023d09001991
.ad-stir.com/	1970-01-20 09:42:15	Name: d20 Value: AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLeQ
.send.microad.jp/	1970-01-20 11:31:41	Name: TR Value: f54fccdc8b29175d8b3c0e08e252c686
.doubleclick.net/	1970-01-20 18:58:05	Name: IDE Value: AHWqTUn_NwGMG_CURv7Cdy4CjOVpFEDm5OqAwneMyKwaS9Fs7DgP2-FzzQxizbmpdEU
.gssprt.jp/	1970-01-20 10:05:17	Name: logicad Value: AeDQNIZ4hJpXks8AD1OPZ7Am5hw
.gssprt.jp/	1970-01-20 18:58:05	Name: gid Value: 7e0aba8048ff94f20be14238ecf337fe
.popin.cc/	1970-01-20 18:58:05	Name: piuid Value: a2e086f69c6a466495e4dd7173aa8517
.popin.cc/	1970-01-20 10:48:29	Name: p_logicad Value: AQFJ0j5CQNryks8AD1OPZ7Am5s8AAAGGETTLlA
.adtdp.com/	1970-01-20 18:58:05	Name: pr Value: aja
.adtdp.com/	1970-01-20 18:58:05	Name: uid Value: 810bcd78-e18b-4ec1-962b-ffa8ff08087e
.yahoo.com/	1970-01-20 18:08:03	Name: A3 Value: d=AQABBN5x22MCEOFpAmkwW_mQinYMLlKyVFUFEgEBAQHD3GPlYwAAAAAA_eMAAA&S=AQAAAgt_9MsTTBLoMGPEtJKSXnc
.analytics.yahoo.com/	1970-01-20 18:07:41	Name: IDSYNC Value: 176y~29rk
.im-apps.net/	1970-01-20 18:58:05	Name: imid_created_secure Value: 1675325918
.im-apps.net/	1970-01-20 18:58:05	Name: imid_secure Value: aaULRZ_MTk6EaCDhocXTtA
.bidswitch.net/	1970-01-20 18:07:41	Name: tuuid Value: 74b925c1-9f1e-47c4-98d5-5e4955e6f340
.bidswitch.net/	1970-01-20 18:07:41	Name: c Value: 1675325918
.bidswitch.net/	1970-01-20 18:07:41	Name: tuuid_lu Value: 1675325918
.adtdp.com/	1970-01-20 18:58:05	Name: pfxid Value: cf5292d4-102a-4aa1-9049-ab43ed7f518b
.caprofitx.adtdp.com/	1970-01-20 18:58:05	Name: pfxids_logicad Value: eyJpZCI6IkFRRkowajVDUU5yeWtzOEFEMU9QWjdBbTVzOEFBQUdHRVRUTGxBIiwidXBkYXRlZEF0IjoiMjAyMy0wMi0wMlQwODoxODozOC4zOTFaIn0
.socdm.com/	1970-01-20 18:58:05	Name: SOC Value: Y9tx3sCo5ugAAAXX8gwAAAAA
.rubiconproject.com/	1970-01-20 18:07:41	Name: khaos Value: LDMTSNWS-21-JV05
.rubiconproject.com/	1970-01-20 18:07:41	Name: audit Value: 1\|sf8/3lpOs8k7qdVpqGn94IbdKEM9E53Sayhgt++yDg6rLKOqscwnxq2CdmgraNEkpSvauoi/zXIwHTRO1/p4iL+YuzCqzjSQgXr7nSTpjJ3Z6rMoVGSjxzI6m2GwvSZBmcnbH5z1wK8K2KPLU87iAMCYMveghXFh+wSk1BBZU5Ug1u3OEw5FU9APlTu0R9RN
.taboola.com/	1970-01-20 18:07:41	Name: t_gid Value: 4f74e27a-2d65-4ec9-9125-ac209c2d06e9-tuctad4f75e
.adnxs.com/	1970-01-20 11:31:41	Name: anj Value: dTM7k!M4.FF7/.XF']wIg2GVNv!Kf[!]tbPl@/]n#hNXKUcZI[W!UJ/[L7dB?1]uYOvoV#MrF:2E%1<FrLIi'rQ_dyT<^nls.$1]GdD0[%p[s>%q)3RAHWq+
.adnxs.com/	1970-01-20 11:31:41	Name: uuid2 Value: 2712501000422427451

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac.afi-thor.com
ac.miraku.work
ad.caprofitx.adtdp.com
ajax.googleapis.com
am.yahoo.co.jp
ap.octopuspop.com
as.amanad.adtdp.com
audiencedata.im-apps.net
b6.im-apps.net
b92.yahoo.co.jp
b97.yahoo.co.jp
cd.ladsp.com
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
connect.facebook.net
cs.adingo.jp
cs.gssprt.jp
cse.google.com
discoveryplus.popin.cc
dmp.im-apps.net
fonts.googleapis.com
fonts.gstatic.com
gemforex.com
genieedmp.com
go.adspop.me
go.ero-advertising.com
googleads.g.doubleclick.net
ib.adnxs.com
jp-u.openx.net
js.octopuspop.com
pixel.rubiconproject.com
px.ladsp.com
rt.gsspat.jp
s-cs.send.microad.jp
s.optnx.com
s.yimg.jp
shaken.autospirit.net
short.adnet.cash
simage2.pubmatic.com
sp.gmossp-sp.jp
ssl.socdm.com
static.eabids.com
sync.ad-stir.com
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
syndication.optimizesrv.com
taj1.ebis.ne.jp
trac.adspop.me
um.ladsp.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
y.one.impact-ad.jp
static.eabids.com
103.231.99.80
103.71.26.126
104.254.148.252
119.63.198.176
13.113.86.10
13.115.198.155
13.115.235.46
13.230.11.0
13.32.50.107
141.226.231.48
142.250.196.98
143.204.122.53
143.204.126.45
183.79.219.124
183.79.255.12
202.233.84.8
202.241.208.55
203.137.177.25
210.152.82.21
219.94.163.101
222.230.178.129
222.230.178.33
23.45.50.243
2400:52e0:1501::1064:1
2404:6800:4004:80a::2004
2404:6800:4004:80c::2003
2404:6800:4004:812::200a
2404:6800:4004:81d::200e
2404:6800:4004:81e::2008
2404:6800:4004:81e::200e
2404:6800:4004:820::2003
2404:6800:4004:821::200e
2404:6800:4004:822::2003
2404:6800:4004:825::2002
2404:6800:4004:826::200a
2404:6800:4004:827::200a
2600:140b:1a00:d::17d2:1a36
2600:140b:2::172c:3392
2600:140b:400::172d:3323
2600:9000:2224:6200:1e:513c:d3c0:93a1
2606:4700:3030::ac43:9005
2606:4700:3035::6815:275c
2606:4700:3035::6815:4d1a
2606:4700::6811:190e
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:187:face:b00c:0:25de
2a05:22c7:1:2140::194
34.98.64.218
35.201.98.24
35.213.109.249
35.213.12.39
38.133.127.95
54.238.247.89
54.92.23.157
8.39.36.142
95.211.229.245
95.211.229.247
014f0d2243d9fcf7323aa1a3224a4123a037f9c69713864aeff12d732ac5d106
015531b1900e45a116f6e17acdba5b9486444fb160dcce18f1d52ecfc7b18a82
018cef243f8bdf2d3ad75cb619a6ebe28f8e5a8ce51f003fdcb4d1a4566a93c3
022892579716c5bc07633f83b69035c2467de026c99283d8bfe33a4a03ff8d3b
03dcfbce3791beabb72ba13efe200346d765e5a0ddf5da4ead4346c27dc369ba
03e97d50f8a7713f99085c0327b5e2eea9faf72008a427562cc78c3009d559c3
04237c4a5327628489ae6fb113e031d94d5629e818306d84de3fee8d1854b186
044586c804b27862033465bc309b628e6bbcdcf7c0cb8737f3bbc7c79bd81e35
06803c61efa22d5d12893d3f9e4e0fc6f77f410f1ce63c7f61d86465cf230fe9
07c4d9fb9d48c1887e58b829316b8a2fcc3b93afa225e913bc6e79ea7d9de35d
0a5c71301f29f4b6c91efb3e913655c063523e9fecd20da490afdcfdd8955349
0bb236855a0fdd68003e72fcf27a3ca8712d786ac6d663d3da72bc78857f11aa
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d3fbbec3e00427e6bc8be3dc705f30ee924cc557077241f6f32be5a2c6aa76d
0fe40c5652ce04b1e56ca22a7ab824498d35aaff5e4fa1d06771260a46339c6d
12b74603ffc71b332267f7c7d5e6267438ed5940381dcc186e04f5ea74f3fe9e
14af3654a378d80322de0d39af26cd18c1f04eab78b1d0e162d0a16681115199
15237be3700d3c6cd67edf8cc4d30014defef6cfd9f0d69480ed5348c3cb3a0d
16ed2c67cb471820cca86dd3bf38a3bff2696995be7b0b47a5d1a38651fd75de
176ee7e000917152c860ca7c3229ec275c80d863636b82d6ed0723c97b232831
183bb6ae6b109ce74e499809151ae8dd4a15f0b2ac8b85576b3235ffc994db3d
19eecd7c292339bfbd71fdf0628a287d714bf340ef078706fc3c4fe5a50869f6
1afc396d6af66e0821ebdea1c35e6fee11b1aa33df82242968fe54d29d2e306a
1da2abcdb9ead5cb65d54f214e467b309bd5430b97578122f64dc4d31d060df0
1e1964a425f1048553681916740c8a46c9739efdb521b8fd9ad535bdf4f1a1cd
1ecc403b1fbad6096a78cbfbab5abfb0a8286c94b84ae78d05b205261cc51984
239e54480c058fac6ca82ddab4a8bc780eb0e52f015a4c9ea29bbb5503b33618
25796ab38e87b5915b2f8254e153cfb44462fce3d223fe7a7391c3cfcf3e2393
258818d51dbc40f6282dca0b30deaa731d29a4d7d25bd82e1a3c0122292c1954
26ac8257ecaf66fb2a8a377dccba0fc5a609b2cf58e8c8a1fb80c590fc600029
26bee832221678eda8465d15232c769d951077732aa9019aaf1c4861380dee4c
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b2a49516984beb189756b2dcbaa9786e3038a7767ff3b9e852f02386a5706a6
2d19049242f778d3398164b3a66b102ecb5bdce59605285bd565cb26f1768bb0
2ea6bae3361f21ae258b2bd57b36b31b3aaef7b7c8a40e02100f77eae0646353
2f20b84624ca71c31aa7463cdd10278a3e8f7fd3779f945bf07df749f760c8f3
2fd471f72d444f2fd2f7d761fc967c9187d570381ad1736e056b09066f936196
30133215d1a4f8a81aadb67be095bb4364bea162e4ec11aaca5f16c57b33aee4
3073cb64d2ad234997c89abcb702172b71a73c887e8b2b071a682c35da80bbb0
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
36d61675f8ddec293c102503a3ca133fb16ded951f3150d695eefda36dbd0b92
3ae590bf246ecdc4f30335ffc27da5fae8bb4a0677bcce5d2b183944bb07ad37
3bbb24dbbcf74958618e58450a6b2291474f5ad9c6712a6772cec2109a19b034
3dbebd4fb9a4748139f31fda339dc443c49653999d68744abd19dcc4cc306ae7
3f9e3f23abd6ef1493e6478341e72adbc4df79b11c3e501885d423c31f69cd12
3fed07219b4cbb410f7cd9379c1536dc15676c2515db015032c6197df12db40e
424da953a071c56f6274ec5303ae946f2f3f3988be32355b2e2cc72c84ca573c
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
4513214f03568053993548a98f8e72824280c5b673ca42e51318e9960fa03f86
4520328588c694c8d58f01cbc7e8b4c1ff6fabb6825532c84ffd87a31346cd99
455c800bd41b91ca3b3dfe3dfdf727c8a44f557ced2ffc9fe9f9995aabb8b9a9
474827859437abc7661f2c4cbac39711dd4fe3f628cc4f8bef6f78fc10607a55
48c5bf5b1aab32b00b4973e2c971dd808a14b8fbceac94734607b6f299c33383
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2a49e2e42b10d5a95e970f8253ae3ebbae4cb0c887726947f1db6e53ae07e4
4ef4a1ab45eb8fe022dfe326f50379ec3e9e5361c94f1f2df29f1cd317c4265c
516cc4eea5031acbb2122130f0b20a9f89ac9fb3765d107af17450f4cf4a1099
5290341a252d040863574d4879b590e51e316aaeca83bf0f8fa5b7259d7d5dcd
542aa608eb68aac92a8ea22fb98f5d8f4fa4859a4f1371659a3311d856f23d3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ba69c11db1d4be0836acfb5abe76c32024507fe2573024d4db23983a0ae8f8
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
58b8b919bc0d87670d60621cdaa8d6fd29bf58a01664d18836d6193aa014c954
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59a63e6e125dfee986b928df6221d449a5911cfd6317367c179beac858c6f7a5
5acdc04cafd138ececddb327370a564b7ecb0a9722c5168d860119e5e18475a9
5c76225a246fac077d82d7d0f2a36921c21dfe8821ea2f1bf17ca43eb47d34bc
5f11e80c202112b15c05d01ee2cd25338c9d59e7e04b07e131b7244c35006b20
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5ffbf54c595b540cea844fb2d3a12b341cd179147afca6e240824d9ba644ba98
622bb511c1a03c30b4cf2e37aefaa9aed8f375f1b82dc7b8d6cb176e116b4e73
644d85902b41af23422786132e55e8d8ec44a04121200dbdf5541b507039cb26
64ef938dd040a288e2e3493f834b5ba37b8804fd0ba4c1829e981677fdaec94f
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6ab21120a50a87b178e227b2dd45a26e1cee8d3f440d19850d80cbe8498eff01
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c4ac386319341c7ea12c25b2b6a792a676164dcf0297aeac66564cca203b34c
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
717af4fa65e7c97cd2b7fed05f1f286d23497abd3f4fd9fa0463d47f3b1d49fc
72886b29a4caed5ecd641a108d1b0393e3f94ecc551fc926dffe047e3cf35b4b
74feff8048289b0b212e91f749228e4adf90f61225c27cf84037faab04d57e50
76890ed0912951cb7116c2cfdec0d5ad3e138e94641d0dd1126ad45304feddba
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7920f333ceb74dd3ca9878c86674413459d37b0e48d9cb7eb0b795a87a50be97
7ab85f3707da9c4d63285a154e4dd7bba361d60d591aa27f49398b9647fda03a
7b19fb29285618a4cc2daef3d34cc16f3d258ddf25c35e0b42be41565ddcb3fa
7bfb48976fff213c874bbe581fe50a771d3d0c2f1949c3394995b3e8dac742fd
7f39c8c62cf13a41845f698574b519cb86764f33488dec60b7a110c45a328649
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
823b097c1ec66c62a20ec373c757c6b3383f424d3a0fdd1694ecfb485409e0df
830ae94f851cc0d9a56ca3fc63e32af2ac25def87d11aeef828c9b87911fb88d
841aec656e77af6c164eecdaf3cac3285130c3e5789400f7ed53dcccbc22bd28
866cc830c376e431cc9ba2fc2e75b627bb4bc48b6c481b8990ab9181bbd41cd9
880d2495792a7131d8b1c10a27e04c94cf47ae2fef49e8a3c427163eda6ef5e1
88820a55febe57d2e91802002240062af6121ebe7191fcaae66b5f7d07736bf8
8a06ccd41313c40221a3b8cc5bf6d7a82cf1c4ef4c3ea494570db54fe22055e5
8fc6c54f42995a571e59b5cd0fb91656c9a12f38721a4bbe1567cbd84eb4cb1b
926a6b056e2327668477b0e0879783844a326955121cc69d9ba5f4ede4d4fd6f
92afda6f8132a600a974c39fbed5abfa5011575f8a89a439bdcf2dc90d0e50f4
9455ab7cd40ada8fd3d9f6ad888857b778033da2f36b5a843d1c87db76ceb6ad
94a655a5ea337cd1156e3fd51e34b1f71c1a6cdfc1e74ee7c26de5ca2a6e6320
94ea52aee62e98658e4284ace4468b1ed602c31651699e7bbc078918dae84bdf
990cfe7ef3676233770b1209146a05af1eb72bbf58e1743eb7e67ae312d290d9
9a4009d426ca81e3d7ed8704a220b9bacc4dfe95eb13c35c07397c82c02ead4e
9cfa69f7f23642aa1be31f5350871e4c999047004e4d3428a46dbbb8fcdbfa78
9df6fe966ea06bce2d8fbfe323865ed0a70338a3a68f268cd691d31e6821b48e
9e23b1e49406a0130fd6d9edddd6aac23b89ea92d4860acf0fa564c07be3665f
9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0a5100062c3d105b249f1431146e02d23d1acbe5acc7567e1a6b17d1bd3269b
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a59e1cf45de10091552f94b23234ca14086dfc0846edeefa21daae829ea33e86
a5c60004eb126e7cfd322a7638248578fa3f37e7c0e1978cdec9f738564316e6
a67fd145335463c342e2bafa86735b263664b47b758b41570defac041ac48628
a6a9006f853408ab15738dff6116fa84eea75c426fb2d5e44c08dc7a0bf3ac42
a70e6409c8d31c1305875c330fb419b1ab556bf3855d0fe1e67cc778b2e2d39c
a719f75e90188edc5356606707e673963165f1babe4be225b688ef753067c0a9
a8f8be635c28c97af25dd17d35e865695f1a922fe411dd3eb1b91b9e4bc279b3
a970353bce58bc0d8ffe4ab5dc2f4343c3921814a8ad2979150bcac157f7d75e
aa7715babe1f8bdc288618b99854d494552d589a5d791b23ecd71b0849659488
aa78afcdd826b804e6f5750f35a9b3f6d009b31c4ef20adf46ddcd77df728303
ab0f6556489e71e71de94094ef94eb7ab92b9eacf189ed05f510667e9ede23d5
ac49687945de33ae93f9729067d1ee26e6619ff4a3a800e1502b11dab245b4d8
ad0bfe6a25c29d8ee54a2127774533bf366a0dd9096bcf2c513e472a2ebbae88
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0184efe2b63acfb96979838c5763322a234f6ac2166cc6d72c5671795d72412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e47305e8935941d6b89c042041a047f3909ada020fbe30917068ee03deaa24
b204913c9832e2ea49df683dab67ef73146bfd43a1845458e68fde81bc25a8aa
b34702bf237a55306199e6fc98ea7b08b93ccf3f09bf7ab4b1954c03d775bbff
b5a11582f64fd866c04f5e275b1cc490c35a512abade9b58cbb0f6ea7991c7b7
b8ac7588ff614ada36eeecd3df86bb79fdc3243320d7e6e586dfe37758f297b5
b92cb0a22ec331856f234ffd906f336f47d9010f0820e9f9a80f271b989d40e2
b92f6e97112d6a50612418baaff3a88d43e151abf5d88565df84e5149ab7cf93
b9a65b25b6ceeede7ce7e371a1c826781ec411264d8686613539d667e3ebee8f
be102c02ba4b3b5c45fa0797bfdc883abb8830b6ae45ad14f944bec5e5cfbdee
c1848b6834a2a831a720af27d5a52620d9e24d489cea925d6c2ba3cfc7f6c652
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c767b0d6780291d4f537cc3d96727bee9e4b58b8825963d85ef30fedf1d4cf64
c8e63b92cdf7bdb689f4c57444c7798eadea5d966d3020504e7c4bd1cb622c50
c9a23c0e5ea24ac7b0aeb37b87dca8b47298905fb526ed86a5408ee32e0ce1bf
ce28a4ca77a107d737c54d6361ca190d02d0a3baa2399c4df762d45dc5a07203
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1a6ca640db4c4e6179b2f1610f3b7ddc014273879a6c3d279bfa9dd1e337200
d2aa4955f84e3be0a4d5c6f579c32d0dbaa881efa4c69cfab28903da6cc10f09
d3aa55359f3d42c499bde9b33e0d46704abba68ee171ae83ff5a287627e8ed35
d47c98a3049b3f8f51f537f2a96b82e44f4159b89ed743844ba70dc08b161caf
d4ad37bed7a0f2d557c99a7e5d82d29a1e528981971fbc5068735138e29e3fab
d4ff3262870e564f4219acbf41c135437f6f170649a3e968fff3ebd2e46befb9
d77c7d6f0a4ea275b7014a9e46f790db810b23632928e3f3185adf445a8621cf
d7cb058ee3aeaccc3bc554185af8d6ed3b29cfa77bfd7383f3258c4b185e0c35
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddc29ff9026f4db4d334bacfe23755345f1043db3d877bc7c38ea31a83d65099
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e0ea3789c7912ae25b0ec5a33da8f6b6a91546746c95252cd90453f02ad1ce36
e1af64b7b2d7eaceb13c622fd41d3713f9d02e0f993336b41a3c1712aaba1e49
e34757976a22566b9ba044c59ea21312f1dfc87c7c3862edee36e710deabae2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ed654093e0dd46141985d0e466cc7c02c6d504203cd994e520446868311e08
e60f1e6f0dae2450972e7ef57248eff6beb1fb476e5d6e45cb639422c0fdc0dc
e7a1d2d2a3fcacb73dce9dd879fa0e959268e323f6d01b931f2bff612cb71483
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e910b04560fc11dbb503fcdaef7b1c55a3663a53a63b35764e148dbb601f3fca
e9e933164743471d9eae8e4a286c3187bf70d2dbf5487ab586b5b0761e6ba2a2
ea375faa4638d81760f881768e150b4752ed092de72fd78d236d38acbf0e4f08
eb8b8e044d05c83f56b3969e438e52e771ca1840d04f540acbec74b6ebf3c704
ecc0450b6f29ed6974f6e49ee5ac8e34b106bdabdeca7ca4595f89cf466a9706
eced69e931e3d6fbbb896aec7733312d0f897063880d3d73b1403c5ca82aba7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef230b7247682eae3dfa587701e269f26836bb743ddda3e33124ffcb12a66808
ef2902807a8f5cbe04ed185288d3288180e399dc2a371e80f0540f0df02b9daf
f89651cc1b698bbc1e3227d085feec82dcabaaecb320930941499cc93c119c4f
fa6ab34cb2275ffa374cbe2dc4d16731c938c93a309f90dec42648239c036b58
fad25cd49ede74711b387dc8073f3b1633337cf96a9291aacd4e94ef95aec2f8
ff7c2194a7f98988f663ef20e0c5e55be10484af7b9473fc255f2cb858a15ae0
ffb2f2d99b0c239c9f6d40069d5d31aebbe1544fe5e3195b4444236abcaed3a6

gemforex.com Open in urlscan Pro 23.45.50.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

239 Requests

94 %HTTPS

42 %IPv6

46 Domains

61 Subdomains

53 IPs

7 Countries

4185 kBTransfer

7164 kBSize

64 Cookies

3 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gemforex.com Open in urlscan Pro
23.45.50.243 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

94 %
HTTPS

42 %
IPv6

46
Domains

61
Subdomains

53
IPs

7
Countries

4185 kB
Transfer

7164 kB
Size

64
Cookies

239 HTTP transactions
0 data transactions