gcxiu.com Open in urlscan Pro
154.91.176.218  Malicious Activity! Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

• https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq5yZnYPuiAMVAZz9Bx1X9wY_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8 HTTP 302
• https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq5yZnYPuiAMVAZz9Bx1X9wY_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfZPVb1LPOBlQ5aA1Bhnq2dp1sErWblg&random=322882692 HTTP 302
• https://www.google.de/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq5yZnYPuiAMVAZz9Bx1X9wY_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfZPVb1LPOBlQ5aA1Bhnq2dp1sErWblg&random=322882692&ipr=y

Request Chain 79

• https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpqGZnYPuiAMVho79Bx0CIR6JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8 HTTP 302
• https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpqGZnYPuiAMVho79Bx0CIR6JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf5jobxQb3N9ZMoo6aHsPRu2UgSDvcIQ&random=2294764186 HTTP 302
• https://www.google.de/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpqGZnYPuiAMVho79Bx0CIR6JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf5jobxQb3N9ZMoo6aHsPRu2UgSDvcIQ&random=2294764186&ipr=y

Request Chain 80

• https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmxAg&pscrd=IhMImaGZnYPuiAMV2Jn9Bx1SlhhEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8 HTTP 302
• https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmxAg&pscrd=IhMImaGZnYPuiAMV2Jn9Bx1SlhhEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfste-yLWXTG2AzjKhcKNyFK3spKJXpg&random=3085209594 HTTP 302
• https://www.google.de/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmxAg&pscrd=IhMImaGZnYPuiAMV2Jn9Bx1SlhhEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfste-yLWXTG2AzjKhcKNyFK3spKJXpg&random=3085209594&ipr=y

Request Chain 96

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCKLFsQIIkMmxAkonZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIhPSZnYPuiAMVPpn9Bx1o3Se1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pckk5b2lKbkZsODBXVFlmYWRSX3RiM3VCQjFuRVdPeXlXanNJTjU0aXF2ZU9FazNWNUJQT3Jn HTTP 302
• https://www.google.com/pagead/1p-conversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCKLFsQIIkMmxAkonZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIhPSZnYPuiAMVPpn9Bx1o3Se1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pckk5b2lKbkZsODBXVFlmYWRSX3RiM3VCQjFuRVdPeXlXanNJTjU0aXF2ZU9FazNWNUJQT3Jn&is_vtc=1&cid=CAQSKQDpaXnffZj00Z9K_iNk6zGZdbarOqP_sWkZkgGBX55g7ZY14p-umfN2&random=911610945 HTTP 302
• https://www.google.de/pagead/1p-conversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCKLFsQIIkMmxAkonZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIhPSZnYPuiAMVPpn9Bx1o3Se1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pckk5b2lKbkZsODBXVFlmYWRSX3RiM3VCQjFuRVdPeXlXanNJTjU0aXF2ZU9FazNWNUJQT3Jn&is_vtc=1&cid=CAQSKQDpaXnffZj00Z9K_iNk6zGZdbarOqP_sWkZkgGBX55g7ZY14p-umfN2&random=911610945&ipr=y

Request Chain 97

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-vqbnYPuiAMV-pH9Bx2qvhoNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck03Xy1FLUtkVzVlNmxQU2ZTWWp1T0pjT0p0QkFaSWZYeTlkdWJvUkdoUmVyUXZDcFZNdWN3 HTTP 302
• https://www.google.com/pagead/1p-conversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-vqbnYPuiAMV-pH9Bx2qvhoNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck03Xy1FLUtkVzVlNmxQU2ZTWWp1T0pjT0p0QkFaSWZYeTlkdWJvUkdoUmVyUXZDcFZNdWN3&is_vtc=1&cid=CAQSKQDpaXnf_xe9GtQS8wg9u9uc02JvXuJT3qJsZcPB_1_f6cLfnJWhhPJv&random=3609422737 HTTP 302
• https://www.google.de/pagead/1p-conversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-vqbnYPuiAMV-pH9Bx2qvhoNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck03Xy1FLUtkVzVlNmxQU2ZTWWp1T0pjT0p0QkFaSWZYeTlkdWJvUkdoUmVyUXZDcFZNdWN3&is_vtc=1&cid=CAQSKQDpaXnf_xe9GtQS8wg9u9uc02JvXuJT3qJsZcPB_1_f6cLfnJWhhPJv&random=3609422737&ipr=y

Request Chain 98

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJHJsQJKFWV2ZW50LXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIxZKdnYPuiAMVO7z9Bx1gCQSYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck9MSmx1MDFSSHBtVWZCeldwcXVvSG5nU1dGY0VTZUJCRUpGNVUtWnpudHlDTkJjaWJMS1Nn HTTP 302
• https://www.google.com/pagead/1p-conversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJHJsQJKFWV2ZW50LXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIxZKdnYPuiAMVO7z9Bx1gCQSYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck9MSmx1MDFSSHBtVWZCeldwcXVvSG5nU1dGY0VTZUJCRUpGNVUtWnpudHlDTkJjaWJMS1Nn&is_vtc=1&cid=CAQSKQDpaXnfViasvKLQ-DFzXh9iDPiqhqKrr2cSLaB0A4L-nHmtlIXZ9M4a&random=446482858 HTTP 302
• https://www.google.de/pagead/1p-conversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJHJsQJKFWV2ZW50LXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIxZKdnYPuiAMVO7z9Bx1gCQSYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck9MSmx1MDFSSHBtVWZCeldwcXVvSG5nU1dGY0VTZUJCRUpGNVUtWnpudHlDTkJjaWJMS1Nn&is_vtc=1&cid=CAQSKQDpaXnfViasvKLQ-DFzXh9iDPiqhqKrr2cSLaB0A4L-nHmtlIXZ9M4a&random=446482858&ipr=y

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.jsp Show response gcxiu.com/	19 KB 19 KB	1417ms 263ms	Document text/html	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-length 19673 content-type text/html;charset=UTF-8 date Tue, 01 Oct 2024 20:30:49 GMT server Apache vary Accept-Encoding
GET H2	200	all.js Show response gcxiu.com/js/	256 KB 257 KB	504ms 503ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/all.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"261634-1727680664000" accept-ranges bytes content-length 261634 date Tue, 01 Oct 2024 20:30:49 GMT last-modified Mon, 30 Sep 2024 07:17:44 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	app.js Show response gcxiu.com/js/	190 KB 191 KB	703ms 702ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/app.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"194353-1727680664000" accept-ranges bytes content-length 194353 date Tue, 01 Oct 2024 20:30:49 GMT last-modified Mon, 30 Sep 2024 07:17:44 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	style.css gcxiu.com/style/css/	516 KB 520 KB	262ms 260ms	Stylesheet text/css	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/style/css/style.css Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"528492-1727698150000" accept-ranges bytes content-length 528492 date Tue, 01 Oct 2024 20:30:49 GMT last-modified Mon, 30 Sep 2024 12:09:10 GMT content-type text/css server Apache vary Accept-Encoding
GET H2	200	common.js Show response gcxiu.com/js/	4 KB 4 KB	704ms 702ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/common.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"4484-1727710072288" accept-ranges bytes content-length 4484 date Tue, 01 Oct 2024 20:30:49 GMT last-modified Mon, 30 Sep 2024 15:27:52 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	extended_timeout.js Show response gcxiu.com/js/	3 KB 3 KB	703ms 702ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/extended_timeout.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"3334-1727680664000" accept-ranges bytes content-length 3334 date Tue, 01 Oct 2024 20:30:49 GMT last-modified Mon, 30 Sep 2024 07:17:44 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	jquery-3.4.1.min.js Show response gcxiu.com/js/	86 KB 87 KB	704ms 703ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/jquery-3.4.1.min.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"88145-1680887322000" accept-ranges bytes content-length 88145 date Tue, 01 Oct 2024 20:30:49 GMT last-modified Fri, 07 Apr 2023 17:08:42 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	img_site-logo_pc.png gcxiu.com/style/img/	2 KB 2 KB	704ms 703ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/img_site-logo_pc.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 2154 date Tue, 01 Oct 2024 20:30:49 GMT etag W/"2154-1727687748000" last-modified Mon, 30 Sep 2024 09:15:48 GMT content-type image/png server Apache
GET H2	200	img_site-logo_sp.png gcxiu.com/style/img/	2 KB 2 KB	704ms 703ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/img_site-logo_sp.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 1829 date Tue, 01 Oct 2024 20:30:49 GMT etag W/"1829-1727687748000" last-modified Mon, 30 Sep 2024 09:15:48 GMT content-type image/png server Apache
GET H2	200	before_auth.css gcxiu.com/style/css/	447 B 543 B	250ms 248ms	Stylesheet text/css	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/style/css/before_auth.css Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"447-1727680708000" accept-ranges bytes content-length 447 date Tue, 01 Oct 2024 20:30:53 GMT last-modified Mon, 30 Sep 2024 07:18:28 GMT content-type text/css server Apache vary Accept-Encoding
GET H2	200	question.svg gcxiu.com/style/img/	717 B 801 B	300ms 298ms	Image image/svg+xml	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/question.svg Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 717 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"717-1727688026000" last-modified Mon, 30 Sep 2024 09:20:26 GMT content-type image/svg+xml server Apache
GET H2	200	gtm.js Show response gcxiu.com/js/	504 KB 507 KB	298ms 297ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"515639-1727680328000" accept-ranges bytes content-length 515639 date Tue, 01 Oct 2024 20:30:53 GMT last-modified Mon, 30 Sep 2024 07:12:08 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H/1.1	200 OK	/ seal.digicert.com/seals/cascade/	155 B 560 B	627ms 561ms	Image image/png	63.33.186.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://seal.digicert.com/seals/cascade/?tag=BDWjGLpY&referer=ib.jibunbank.co.jp&format=png&lang=ja&seal_number=18&seal_size=s&an=min Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-186-64.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers Strict-Transport-Security max-age=31536000 cache-control max-age=7776000 x-envoy-upstream-service-time 27 Connection keep-alive X-Content-Type-Options nosniff expires Mon, 30 Dec 2024 20:30:53 GMT Content-Length 155 Date Tue, 01 Oct 2024 20:30:53 GMT X-XSS-Protection 1; mode=block Content-Type image/png last-modified Tue, 01 Oct 2024 20:30:52 GMT Server nginx
GET H2	200	seal.min.js Show response gcxiu.com/js/	8 KB 8 KB	250ms 249ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/seal.min.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"7741-1727688784000" accept-ranges bytes content-length 7741 date Tue, 01 Oct 2024 20:30:53 GMT last-modified Mon, 30 Sep 2024 09:33:04 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	p_img04.png gcxiu.com/style/img/	17 KB 17 KB	298ms 298ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/p_img04.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 17497 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"17497-1727689012000" last-modified Mon, 30 Sep 2024 09:36:52 GMT content-type image/png server Apache
GET H2	200	p_img05.png gcxiu.com/style/img/	18 KB 19 KB	476ms 475ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/p_img05.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 18851 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"18851-1727689012000" last-modified Mon, 30 Sep 2024 09:36:52 GMT content-type image/png server Apache
GET H2	200	p_img06.png gcxiu.com/style/img/	17 KB 17 KB	2198ms 2197ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/p_img06.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 16987 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"16987-1727689012000" last-modified Mon, 30 Sep 2024 09:36:52 GMT content-type image/png server Apache
GET H2	200	pc_cachcard_back.gif gcxiu.com/style/img/	76 KB 77 KB	2197ms 2197ms	Image image/gif	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/pc_cachcard_back.gif Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 78211 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"78211-1727688220000" last-modified Mon, 30 Sep 2024 09:23:40 GMT content-type image/gif server Apache
GET H2	200	fraudalert_form.js Show response gcxiu.com/js/	950 B 1000 B	251ms 249ms	Script application/javascript	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/js/fraudalert_form.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers etag W/"950-1727680664000" accept-ranges bytes content-length 950 date Tue, 01 Oct 2024 20:30:53 GMT last-modified Mon, 30 Sep 2024 07:17:44 GMT content-type application/javascript server Apache vary Accept-Encoding
POST H2	200	pageServlet Show response gcxiu.com/api/	2 B 28 B	2200ms 2198ms	XHR text/html	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/api/pageServlet Requested by Host: gcxiu.com URL: https://gcxiu.com/js/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567 Request headers Referer https://gcxiu.com/login.jsp X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept text/plain, */*; q=0.01 Content-Type application/x-www-form-urlencoded Response headers content-length 2 date Tue, 01 Oct 2024 20:30:53 GMT content-type text/html;charset=UTF-8 server Apache
GET H2	200	NotoSansCJKjp-RegularSubset.woff gcxiu.com/style/font/	397 KB 399 KB	2192ms 2191ms	Font font/woff	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/style/font/NotoSansCJKjp-RegularSubset.woff Requested by Host: gcxiu.com URL: https://gcxiu.com/style/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://gcxiu.com Referer https://gcxiu.com/style/css/style.css Response headers accept-ranges bytes content-length 406344 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"406344-1727681130000" last-modified Mon, 30 Sep 2024 07:25:30 GMT content-type font/woff server Apache
GET H2	200	question.svg gcxiu.com/style/img/	717 B 766 B	1944ms 1897ms	Image image/svg+xml	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/question.svg Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 717 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"717-1727688026000" last-modified Mon, 30 Sep 2024 09:20:26 GMT content-type image/svg+xml server Apache
GET H/1.1	200 OK	seal.min.js Show response seal.digicert.com/seals/cascade/	8 KB 8 KB	489ms 422ms	Script text/javascript	63.33.186.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://seal.digicert.com/seals/cascade/seal.min.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-186-64.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers Strict-Transport-Security max-age=31536000 etag "1e3d-62363a70326c0" x-envoy-upstream-service-time 1 Connection keep-alive X-Content-Type-Options nosniff Accept-Ranges bytes Content-Length 7741 Date Tue, 01 Oct 2024 20:30:53 GMT X-XSS-Protection 1; mode=block Content-Type text/javascript last-modified Tue, 01 Oct 2024 05:32:51 GMT Server nginx
GET H2	200	p_img04.png gcxiu.com/style/img/	17 KB 17 KB	1946ms 1900ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/p_img04.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 17497 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"17497-1727689012000" last-modified Mon, 30 Sep 2024 09:36:52 GMT content-type image/png server Apache
GET H2	200	p_img05.png gcxiu.com/style/img/	18 KB 19 KB	1945ms 1722ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/p_img05.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 18851 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"18851-1727689012000" last-modified Mon, 30 Sep 2024 09:36:52 GMT content-type image/png server Apache
GET H2	200	p_img06.png gcxiu.com/style/img/	17 KB 17 KB	15904ms 13958ms	Image image/png	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/p_img06.png Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/login.jsp Response headers accept-ranges bytes content-length 16987 date Tue, 01 Oct 2024 20:31:04 GMT etag W/"16987-1727689012000" last-modified Mon, 30 Sep 2024 09:36:52 GMT content-type image/png server Apache
GET H2	200	NotoSansCJKjp-MediumSubset.woff gcxiu.com/style/font/	397 KB 399 KB	1926ms 1926ms	Font font/woff	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Full URL https://gcxiu.com/style/font/NotoSansCJKjp-MediumSubset.woff Requested by Host: gcxiu.com URL: https://gcxiu.com/style/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://gcxiu.com Referer https://gcxiu.com/style/css/style.css Response headers accept-ranges bytes content-length 406932 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"406932-1727681130000" last-modified Mon, 30 Sep 2024 07:25:30 GMT content-type font/woff server Apache
GET H2	200	f.js Show response static.fraud-alert.net/	56 KB 20 KB	53ms 9ms	Script application/javascript	2600:9000:235a:dc00:10:3572:e540:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.fraud-alert.net/f.js Requested by Host: gcxiu.com URL: https://gcxiu.com/js/fraudalert_form.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:dc00:10:3572:e540:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers x-amz-cf-pop FRA60-P9 content-encoding gzip etag W/"f98f7793266711a8689fe211e9d65b52" age 43879 via 1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id _FPjidN5_07pDYZ94rrzjVlcseuk7SiJcTPEs2N0Zziz8Lx1fAkrzA== date Tue, 01 Oct 2024 08:19:35 GMT content-type application/javascript vary Accept-Encoding server AmazonS3 last-modified Sun, 22 Oct 2023 12:05:34 GMT x-amz-server-side-encryption AES256
GET H2	200	arrow_gray.svg gcxiu.com/style/img/	539 B 588 B	1921ms 1920ms	Image image/svg+xml	154.91.176.218 AROSS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gcxiu.com/style/img/arrow_gray.svg Requested by Host: gcxiu.com URL: https://gcxiu.com/style/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US), Reverse DNS Software Apache / Resource Hash 7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/style/css/style.css Response headers accept-ranges bytes content-length 539 date Tue, 01 Oct 2024 20:30:53 GMT etag W/"539-1727688026000" last-modified Mon, 30 Sep 2024 09:20:26 GMT content-type image/svg+xml server Apache
POST H2	200	accept Show response p.fraud-alert.net/	31 B 512 B	745ms 683ms	XHR text/plain	18.66.147.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.fraud-alert.net/accept Requested by Host: static.fraud-alert.net URL: https://static.fraud-alert.net/f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-55.fra60.r.cloudfront.net Software / Resource Hash 87ad0b5570e2bf7b094ffafc6157505dcaac537950cd2f08e75d4bd688d51db9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Referer https://gcxiu.com/ Response headers access-control-allow-credentials true via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) access-control-allow-origin https://gcxiu.com x-cache Miss from cloudfront content-length 31 x-amz-cf-id wOrJm7nkz9VlMr2xIMsD_kiHTny-uUaESyZCBJ6sQODkw8tBqTOt2g== date Tue, 01 Oct 2024 20:30:54 GMT x-amz-cf-pop FRA60-P4
GET		/ localhost/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 79 KB	46ms 22ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-14077821&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 82e7b7dba1b27db4d7e14d0f37272cfba34a3bfd773e41accf9373c581eaf4e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 80094 x-xss-protection 0 server Google Tag Manager
GET H2	200	ytag.js Show response s.yimg.jp/images/listing/tool/cv/	32 KB 11 KB	989ms 260ms	Script application/javascript	183.79.249.252 YAHOO-JP-AS-AP Ya...
General Check archive.org Show headers Download Go to Full URL https://s.yimg.jp/images/listing/tool/cv/ytag.js Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 183.79.249.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP), Reverse DNS Software nghttpx / Resource Hash 0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip age 298 access-control-allow-methods GET traceresponse 00-95fb8851875d09cd16f7aa006069aaf8-c9f8b6a4838753c1-01 date Tue, 01 Oct 2024 20:26:12 GMT last-modified Tue, 01 Oct 2024 08:29:59 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-dt-tracestate aa486440-7801d3e5@dt cache-control public, max-age=600 accept-ch Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch ats-carp-promotion 1 permissions-policy ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=* content-length 10561 server nghttpx x-ntap-sg-trace-id 8d048aa62444c3c1 x-z-chihaya r=1
GET H2	200	destination Show response www.googletagmanager.com/gtag/	254 KB 90 KB	65ms 45ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 28c49af53c5cd6fd2195e45486b50cfb6dfaf1b7aa5a5b635229e88658f3ccba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 91531 x-xss-protection 0 server Google Tag Manager
GET H2	200	destination Show response www.googletagmanager.com/gtag/	247 KB 87 KB	64ms 45ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f8d14ad6cdb0a7bbfa27c178149fedad35b8dd240c38d2d4d469c6baaabbe13b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89414 x-xss-protection 0 server Google Tag Manager
GET H2	200	bat.js Show response bat.bing.com/	49 KB 15 KB	66ms 31ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "803483b3aaadb1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 7556FEF2BB874D1BA4756B9D15B1760E Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 14402 date Tue, 01 Oct 2024 20:31:08 GMT content-type application/javascript last-modified Thu, 19 Sep 2024 15:43:41 GMT vary Accept-Encoding
GET H2	200	destination Show response www.googletagmanager.com/gtag/	247 KB 87 KB	55ms 39ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 62554cab9663f63f59035289a4ce89d0a96b9233fdc1148e2454cceda69e9c89 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89331 x-xss-protection 0 server Google Tag Manager
GET H2	200	destination Show response www.googletagmanager.com/gtag/	247 KB 88 KB	45ms 29ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3785a451d966206f09b2e65d79c7f1d205fd249288fc20581f15b0892815a540 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89456 x-xss-protection 0 server Google Tag Manager
GET H2	200	destination Show response www.googletagmanager.com/gtag/	247 KB 88 KB	50ms 35ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cdf2556cb5b8d7e4e90fae858bca0bd337e4a50333bb1d4144ce427d3d7ef46d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89552 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	254 KB 89 KB	32ms 30ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-709179453 Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fe3c44611999a0d92de57a9db6fb60ac9027db9a8e25bd27eddab6028ea760fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 91480 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	235 KB 84 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-723623815 Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0c7bdf980c851f8659b2557e3ee4840ae6290529109319854c822980140aff14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 86391 x-xss-protection 0 server Google Tag Manager
GET H2	200	ad1f1040ad9ca638cc6ee793ef48a4f6.js Show response ob.segreencolumn.com/i/	108 KB 40 KB	44ms 7ms	Script text/javascript	2600:9000:2490:9600:18:15b9:5a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:9600:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Caddy / Resource Hash 51ae2f5a753c96b5c70779481552f3636df036952791a90c7853af58c73a35f9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers cache-control max-age=43200 content-encoding gzip etag "1ae5b-YGTsV4Kh386LbDpwhQvf4aaoogg" age 12183 via 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront) expires Wed, 02 Oct 2024 05:08:06 GMT x-cache Hit from cloudfront content-length 40308 x-amz-cf-id tDmYkvGaWYXP-LydTDkTwvzL5GwcnXQsJfoC8c9OzJ7lKzPHrQdPtg== date Tue, 01 Oct 2024 17:08:17 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding server Caddy x-amz-cf-pop FRA56-P6
GET H2	200	lt.js Show response d.line-scdn.net/n/line_tag/public/release/v1/	32 KB 10 KB	36ms 8ms	Script application/javascript	2.20.65.72 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.20.65.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-20-65-72.deploy.static.akamaitechnologies.com Software VOS / Resource Hash d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip x-amz-version-id aLHCm1toaevjRzyK9ZlkfyErvpEL9I2 etag "02e4691c0dcc2f7ecef2712fb0f24921" expires Mon, 14 Oct 2024 17:22:12 GMT x-rgw-object-type Normal date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript last-modified Mon, 02 Oct 2023 06:16:39 GMT x-amz-expiration expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle" vary Accept-Encoding strict-transport-security max-age=15768000 cache-control max-age=1111863 x-amz-request-id tx0000006918b62e065fa5b-00651a6066-13dd9984-jp2 accept-ranges bytes content-length 9865 server VOS
GET H2	200	pixel.js Show response cdn.smartnews-ads.com/i/	5 KB 2 KB	689ms 157ms	Script application/javascript	23.213.164.35 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.smartnews-ads.com/i/pixel.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.164.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-35.deploy.static.akamaitechnologies.com Software / Resource Hash 58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers cache-control max-age=236 content-encoding gzip x-amz-meta-version 8.4.6 etag "709c82eb76cb41d00bb431534c33b6ff" x-amz-version-id U_040zL3HHLQ_Xb5czsQ1qGGPFoW.rFj expires Tue, 01 Oct 2024 20:35:06 GMT accept-ranges bytes content-length 1922 date Tue, 01 Oct 2024 20:31:10 GMT last-modified Mon, 21 Nov 2022 09:11:10 GMT content-type application/javascript vary Accept-Encoding x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	226 KB 58 KB	22ms 10ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: gcxiu.com URL: https://gcxiu.com/login.jsp Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 989c0da7452129f2a1514d81b7f7ed93236373e654ea055bd6e022d74b98227c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Tue, 01 Oct 2024 20:31:09 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug ZxyxAH4dfi2SAR53X/iqXEJAiS4SXxk17CAT/yfrzxx2gpevUUCgnhx9cJBgu7pZ9bGpolTBv6aRJU+2UPgRMQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 59125 x-xss-protection 0
GET H2	200	adme_tk.neo Show response tk.csolution.jp/	1 KB 2 KB	1120ms 919ms	Script binary/octet-stream	18.245.86.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tk.csolution.jp/adme_tk.neo Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.86.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-86-11.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers etag "01b42b52842905b667f426f1145dfab9" via 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront) accept-ranges bytes x-cache RefreshHit from cloudfront content-length 1231 x-amz-cf-id ccSYrRkbTQvSuZQCBb_feG1A_xH7sj9EA_nPvPJ1i58Plr50q1KrZA== date Tue, 01 Oct 2024 20:31:11 GMT content-type binary/octet-stream last-modified Tue, 14 Jan 2020 06:27:43 GMT server AmazonS3 x-amz-cf-pop FRA60-P6
GET H2	200	vclp.js Show response trj.valuecommerce.com/	4 KB 5 KB	218ms 6ms	Script application/javascript	2600:9000:2359:fe00:18:82c:9d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trj.valuecommerce.com/vclp.js Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2359:fe00:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash 7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers x-goog-metageneration 1 access-control-expose-headers Content-Type,Content-Range,x-goog-resumable x-goog-hash crc32c=OgAn0A==, md5=kCQf0OwmWvrHxLOR4fgqqw== etag "90241fd0ec265afac7c4b391e1f82aab" age 213 x-goog-stored-content-encoding identity expires Tue, 01 Oct 2024 20:32:36 GMT x-goog-stored-content-length 3874 x-cache Hit from cloudfront x-amz-cf-id ZzwJ_53toFSGHL61BYO1yhT9zvTFglYXIj1CxqnV-He_MMFxJ6qTVQ== date Tue, 01 Oct 2024 20:27:36 GMT content-type application/javascript last-modified Mon, 17 Jan 2022 07:06:52 GMT vary Accept-Encoding x-guploader-uploadid AD-8ljvviwTgMBSOe1Lex1spUp8bV2Knc6Mt2GrF51uebxYATbl6InRqRkoflYeBrana2CJaQcvL1v1DBA cache-control max-age=300 x-goog-storage-class REGIONAL via 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * x-goog-generation 1642403212642544 content-length 3874 x-amz-cf-pop FRA60-P10 server UploadServer
GET H2	200	8c9dd94c00f839.js Show response cdn.kaizenplatform.net/s/df/	317 KB 101 KB	237ms 21ms	Script application/javascript	104.102.48.131 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.102.48.131 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-48-131.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 18feb6ecb24ef112ba8662cb6227b45ba57f716feb9cce74e328808b3d64ff7a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers access-control-max-age 3000 content-encoding gzip etag "f8bee66bc8c7429e3dc32eb70ac8a42d" x-amz-version-id null access-control-allow-methods GET date Tue, 01 Oct 2024 20:31:09 GMT last-modified Tue, 20 Aug 2024 07:03:27 GMT vary Accept-Encoding content-type application/javascript x-amz-id-2 YcXTw3tF11xBhej+OZtM+Akwuey3yoQpTE9MLlR88cPidTZvdBYQi24P/3f7ZM2YjynWjf+tQXk= cache-control max-age=300 x-amz-request-id 0FWGE7NE9VM2F38B accept-ranges bytes access-control-allow-origin * content-length 102766 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	ad1f1040ad9ca638cc6ee793ef48a4f6.html obs.segreencolumn.com/ns/	0 250 B	447ms 222ms	Image text/html	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://obs.segreencolumn.com/ns/ad1f1040ad9ca638cc6ee793ef48a4f6.html?ch=cheq4ppc&gtmcb=839018112 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, no-store, must-revalidate content-length 0 date Tue, 01 Oct 2024 20:31:09 GMT pragma no-cache content-type text/html cross-origin-resource-policy cross-origin
GET H/1.1	200 OK	tag.gif tr.line.me/	43 B 425 B	754ms 252ms	Image image/gif	147.92.191.92 LINE LINE Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.line.me/tag.gif?b_id=f422e736-44a9-4525-bdf2-00b27a53c277&b_u=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&b_d=gcxiu.com&b_p=%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=abc7e14b-e97c-4e6b-bf23-f49c61bb0e21&s_id=e2014bcf-25a712b7&x4=100&e=pv&v=3.4.1&_t=1727814669433 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers Cache-Control private, no-store, no-cache, must-revalidate Content-Length 43 Date Tue, 01 Oct 2024 20:31:10 GMT Content-Type image/gif Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive
GET H/1.1	200 OK	tag.gif tr.line.me/	43 B 425 B	732ms 242ms	Image image/gif	147.92.191.92 LINE LINE Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.line.me/tag.gif?b_id=f422e736-44a9-4525-bdf2-00b27a53c277&b_u=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&b_d=gcxiu.com&b_p=%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=9dd1ca22-3499-4044-8a02-0c2d3241b696&s_id=e2014bcf-25a712b7&x4=400&e=pv&v=3.4.1&_t=1727814669434 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers Cache-Control private, no-store, no-cache, must-revalidate Content-Length 43 Date Tue, 01 Oct 2024 20:31:10 GMT Content-Type image/gif Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive
GET H2	200	97022402.js Show response bat.bing.com/p/action/	369 B 424 B	32ms 31ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/97022402.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 740C56FED0744730AF5E19E13586DB03 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	ct Show response obs.segreencolumn.com/	4 KB 2 KB	386ms 298ms	Script text/javascript	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://obs.segreencolumn.com/ct?id=46070&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1727814669629&hl=2&op=0&ag=566412661&rand=6428012087188702010625258120006574052230858820941009802812121410066897066720880827812&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDc0ODBdLFsiYWJuY2giLDM1XSxbLTI1LCItIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTU5LCJkZWZhdWx0Il0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0zOCwiYywtMSwtMSwwLDAsMSwwLDY1OSw0OTMsNTAwLC0xLDAsNTIxMS4zLDUyMTEuMywyMTQzNiwyMTQzNyJdLFstNDYsIjAiXSxbLTU0LCJ7XCJoXCI6W10sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjI1ODY3ODY5NjFcIl0sXCJzXCI6MX0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNjIsIjgwIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTEzLCItIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzUsIlsxNzI3ODE0NjY5NTI2LC0yXSJdLFstNTgsIi0iXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTEsIi0iXSxbLTE1LCItIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEwIl0sWy01MSwiLSJdLFstNTMsIjEwMCJdLFstNjAsMjA3XSxbLTY3LCIyNTMyMzEyODg4OjIyIl0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFstOSwiKyJdLFstMzMsIi0iXSxbLTUwLCItIl0sWy02NiwiZ2VvbG9jYXRpb24sY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjcm9zc29yaWdpbmlzb2xhdGVkLHNjcmVlbndha2Vsb2NrLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsY2h1YWFyY2gsY29tcHV0ZXByZXNzdXJlLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksdXNiLGNoc2F2ZWRhdGEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsc2hhcmVkc3RvcmFnZSxydW5hZGF1Y3Rpb24sY2h1YWZvcm1mYWN0b3JzLGNoZG93bmxpbmssb3RwY3JlZGVudGlhbHMscGF5bWVudCxjaHVhLGNodWFtb2RlbCxjaGVjdCxhdXRvcGxheSxjYW1lcmEscHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxhY2NlbGVyb21ldGVyLGNodWFwbGF0Zm9ybXZlcnNpb24saWRsZWRldGVjdGlvbixwcml2YXRlYWdncmVnYXRpb24saW50ZXJlc3Rjb2hvcnQsY2h2aWV3cG9ydGhlaWdodCxsb2NhbGZvbnRzLGNodWFwbGF0Zm9ybSxtaWRpLGNodWFmdWxsdmVyc2lvbix4cnNwYXRpYWx0cmFja2luZyxjbGlwYm9hcmRyZWFkLGdhbWVwYWQsZGlzcGxheWNhcHR1cmUsa2V5Ym9hcmRtYXAsam9pbmFkaW50ZXJlc3Rncm91cCxjaHdpZHRoLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24sYnJvd3Npbmd0b3BpY3MsZW5jcnlwdGVkbWVkaWEsZ3lyb3Njb3BlLHNlcmlhbCxjaHJ0dCxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsdW5sb2FkLGNoZHByLGNocHJlZmVyc2NvbG9yc2NoZW1lLGNodWF3b3c2NCxhdHRyaWJ1dGlvbnJlcG9ydGluZyxmdWxsc2NyZWVuLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGhpZCxjaHVhYml0bmVzcyxzdG9yYWdlYWNjZXNzLHN5bmN4aHIsY2hkZXZpY2VtZW1vcnksY2h2aWV3cG9ydHdpZHRoLHBpY3R1cmVpbnBpY3R1cmUsbWFnbmV0b21ldGVyLGNsaXBib2FyZHdyaXRlLG1pY3JvcGhvbmUiXSxbLTcxLCJhMDExMDAxMDEwMDEwMDEwMTAwMDEwMTAwMTExMTEwMTAwMDAxMCJdLFstMiwiOCxlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BJc2dJSWpTUSs4aUtncUkwb3NJQWlwRkVFUVJJa1VnZEVRUXBVb0pTQXRDQXFTSDlHeXk3WldaK2VyL2QrZTkyYndzQ1NELzFlIl0sWy01LCItIl0sWy0xNiwiMCJdLFstMjMsIisiXSxbLTUyLCItIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTJ8fDAiXSxbLTE0LCItIl0sWy0yNCwiW10iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZEtYQmtSVVUxTlNVb0RGaFpXV3hkS1hGNUxYRnhYV2xaVlRGUlhGMXBXVkJaUUZsaGRDRjhJQ1EwSldGMEFXbGdQQ2dGYVdnOWNYQTRBQ2x4ZkRRRllEVjhQRjFOS0F3Z0REd0VJQ2c0UUZWaE5HVXNaRVZGTlRVbEtBeFlXVmxzWFNseGVTMXhjVjFwV1ZVeFVWeGRhVmxRV1VCWllYUWhmQ0FrTkNWaGRBRnBZRHdvQldsb1BYRndPQUFwY1h3MEJXQTFmRHhkVFNnTUlBdzRMRGc9PSJdLFstNjUsIi0iXSxbLTcwLCItIl0sWy00LCItIl0sWy04LCItIl0sWy0yOSwiLSJdLFstMzEsImZhbHNlIl0sWy0zNCwiLSJdLFstNDEsIi0iXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDgsIjAsMCJdLFstNTUsIjEiXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzExNzAsMTU3MCwxMTcwLDE1NzAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMzIsIi0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTYzLCIwIl0sWy02OCwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstMTAsIi0iXSxbLTE3LCIxMiJdLFstMjYsIntcInRqaHNcIjoxNTk5MzA2OSxcInVqaHNcIjoxMzk3OTAxNyxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMzAsIltcInZcIiwwXSJdLFstNDksIi0iXSxbImJuY2giLDE2Ml0sWy00MCwiMzMiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGRlLGxhdG4sZ3JlZ29yeSJdLFsiZGRiIiwiMCw4LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMSwyLDQsMCw4LDAsMSwwLDAsMCwwLDEsMCwwLDEsMCwwLDYsMSwwLDAsMCwwLDAsMjIsMCwwLDEsMSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCw0LDAsMCwxNiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDYsMCwxLDAsMCwwLDAsMSwzLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=kSFVY6vry3&pto=21564&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1727814669.JnDCHILtn20cwqyx&suid=1.1727814669.gZ4py28n58APOwT7&tuid=1.1727814669.C4YqIMwwCP4OSRPT&fbc=-&gtm=W10%3D&it=37%2C21323%2C65&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash f715fd43bbc2b239fed24c831b3b54c682b5f6f0fd15643c150f00b238f3112d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin https://gcxiu.com content-encoding gzip pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT content-length 1663 date Tue, 01 Oct 2024 20:31:09 GMT content-type text/javascript
GET H2	200	97114338.js Show response bat.bing.com/p/action/	369 B 394 B	31ms 31ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/97114338.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 407A9D15B7944D7B8ED4014BDBF2A9F1 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	97050327.js Show response bat.bing.com/p/action/	369 B 394 B	30ms 30ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/97050327.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2BCE48EAA88C4BB996AC6B8586C95224 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	97050325.js Show response bat.bing.com/p/action/	369 B 393 B	30ms 30ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/97050325.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0D12C7F6E196400AB55ADB60242A1240 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H3	200	594307549455110 Show response connect.facebook.net/signals/config/	76 KB 15 KB	69ms 68ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/594307549455110?v=2.9.170&r=c2&domain=gcxiu.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8c16007618f73d725fdfa9d1f533047394154fbbd5825df7179b2c7c2b1fb0d1 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Tue, 01 Oct 2024 20:31:09 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=68, mss=1232, tbw=67279, tp=63, tpl=0, uplat=61, ullat=0 pragma public x-fb-debug kOsCy9bhX8Ub2RaIaJYpF2Vg7BHAhBfWEfZgEUHhUUyvZkl0rRnPqQSZ9kQN0zaOFWxWjrpbU8lMVz0vjeOouA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H3	200	js Show response www.googletagmanager.com/gtag/	235 KB 85 KB	24ms 24ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9bbe29dbce0a8a43fa1be24e4ecb11c8a683fc13a7f4a847dab6cab4046c48df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 86501 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	235 KB 85 KB	32ms 32ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fd2214e3729d2be5a755cf1ba478fca4eda16a9e3cc7797289f72254f0050cec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 86502 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	235 KB 85 KB	26ms 25ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c4d5cad5514797735778333ba6709e453467fe950aaab983cc9568e6c1377511 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 86495 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	247 KB 87 KB	35ms 35ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b317f468e846e9eeb8e02dfa2b0723f99336fcee3e9e1f3cc6fd7c6e75540e24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89368 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	235 KB 85 KB	31ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a702cc6d0e9be7d6bf97eee56124457727aa11c0e515c1a88d9cefa368583743 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:09 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 86501 x-xss-protection 0 server Google Tag Manager
GET H2	204	0 bat.bing.com/action/	0 177 B	32ms 30ms	Image text/plain	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=97022402&Ver=2&mid=c32b346f-bfa1-4c49-9567-01b6d1f829f2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=5479&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=156228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8186E38F9A8540EFAC16690F9E49DDF8 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT
GET H2	204	0 bat.bing.com/action/	0 120 B	723ms 722ms	Image text/plain	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=97114338&tm=gtm002&Ver=2&mid=b4e4921b-ec41-41c0-a1a9-2ba48f8f4e1a&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=5479&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=276980 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E4916C2BC1B344FEBFE8B271773261D2 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:09 GMT
GET H2	204	0 bat.bing.com/action/	0 121 B	78ms 77ms	Image text/plain	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=97050327&tm=gtm002&Ver=2&mid=e47cf7e9-c897-4bbf-add3-f33997cfc29e&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=5479&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=124086 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CABCECBA43F44AF5803C97D8D69BA74C Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT
GET H2	204	0 bat.bing.com/action/	0 120 B	79ms 78ms	Image text/plain	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=97050325&tm=gtm002&Ver=2&mid=08e03d8b-d5ec-4495-9970-c42b8c19df21&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&r=&lt=5479&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=503732 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F67B5A4F7DB442608C6543076BFED740 Ref B: FRAEDGE1109 Ref C: 2024-10-01T20:31:09Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 20:31:08 GMT
GET H3	200	2401863046519079 Show response connect.facebook.net/signals/config/	35 KB 6 KB	75ms 74ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2401863046519079?v=2.9.170&r=c2&domain=gcxiu.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fd0966b384b8c881141d45011244dd73d3951920bf7501a75934fc13dba048ac Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Tue, 01 Oct 2024 20:31:09 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=82, mss=1232, tbw=84594, tp=82, tpl=0, uplat=66, ullat=0 pragma public x-fb-debug bUwbAI3FcdiOg7RpGM/gQ4H43EuXGo907yfu/hhCeP0pRPvuzoQBkx7xxu5ohxa/5Rq/kVu7NvLqP/THVFAP7Q== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ www.facebook.com/tr/	0 273 B	122ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814669853&sw=1600&sh=1200&v=2.9.170&r=c2&ec=0&o=4124&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=4d5973&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2821, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 20:31:09 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	254ms 139ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814669853&sw=1600&sh=1200&v=2.9.170&r=c2&ec=0&o=4124&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=4d5973&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420907498330257122"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 20:31:10 GMT content-type image/png vary Accept-Encoding x-fb-debug 0seYHejNMQhNJwEBADCFRWzRJb9hB6g4NM7+M7bm22zKsJyR/Pks1ZDB/jcaxL5/9D29WLOCALi/FHJIsfC+og== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420907498330257122", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3951, tp=-1, tpl=-1, uplat=131, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ www.facebook.com/tr/	0 102 B	10ms 9ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814669972&sw=1600&sh=1200&v=2.9.170&r=c2&ec=0&o=12316&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=e7e9b9&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&cas=7469710046409932&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3234, tp=-1, tpl=-1, uplat=1, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 20:31:09 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 884 B	170ms 169ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814669972&sw=1600&sh=1200&v=2.9.170&r=c2&ec=0&o=12316&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=e7e9b9&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&cas=7469710046409932&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420907497057661135"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 20:31:10 GMT content-type image/png vary Accept-Encoding x-fb-debug xmrk54sl8U3lAF+aHqjqxAtpT0PjjHx9vNscA5A0KcO83+7n8/3k/OFdN4KtovJmg7MqWD/L7VAMZej3o9x++g== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420907497057661135", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=9352, tp=-1, tpl=-1, uplat=163, ullat=0 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ www.facebook.com/tr/	0 102 B	9ms 8ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814669976&sw=1600&sh=1200&v=2.9.170&r=c2&ec=1&o=12316&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=ecdf13&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&tm=1&cs_cc=1&cas=6234696556613005&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3349, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 20:31:09 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 908 B	173ms 172ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814669976&sw=1600&sh=1200&v=2.9.170&r=c2&ec=1&o=12316&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=ecdf13&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&tm=1&cs_cc=1&cas=6234696556613005&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420907497609347128"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 20:31:10 GMT content-type image/png vary Accept-Encoding x-fb-debug kklLYsZZylFI/WyyK9vQTvVOXAwKfjwSpWAjXGnjVKrp2WNFtnti/WJ/0/9w62bEyOV8DD1k4OCx3wL2NirBjw== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420907497609347128", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=10258, tp=-1, tpl=-1, uplat=165, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" x-xss-protection 0 origin-agent-cluster ?0
GET H3	200	2401863046519070 Show response connect.facebook.net/signals/config/	2 KB 1 KB	51ms 50ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2401863046519070?v=2.9.170&r=c2&domain=gcxiu.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Tue, 01 Oct 2024 20:31:10 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=87, mss=1232, tbw=91024, tp=91, tpl=0, uplat=42, ullat=0 pragma public x-fb-debug I79HYwFurohlMhKV0WZBMHX6RufBStSchwttrrABbqRPOe1maK7O/eWGDaWYS23p5EMvI9639OHmd4vzfMpCBw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	ytag.js Show response s.yimg.jp/images/listing/tool/cv/	32 KB 0	344ms 344ms	Script application/javascript	183.79.249.252 YAHOO-JP-AS-AP Ya...
General Check archive.org Show headers Download Go to Full URL https://s.yimg.jp/images/listing/tool/cv/ytag.js Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 183.79.249.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP), Reverse DNS Software nghttpx / Resource Hash 0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding gzip age 298 access-control-allow-methods GET traceresponse 00-95fb8851875d09cd16f7aa006069aaf8-c9f8b6a4838753c1-01 date Tue, 01 Oct 2024 20:26:12 GMT last-modified Tue, 01 Oct 2024 08:29:59 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-dt-tracestate aa486440-7801d3e5@dt cache-control public, max-age=600 accept-ch Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch ats-carp-promotion 1 permissions-policy ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=* content-length 10561 server nghttpx x-ntap-sg-trace-id 8d048aa62444c3c1 x-z-chihaya r=1
GET H3	200	js Show response www.googletagmanager.com/gtag/	247 KB 87 KB	24ms 24ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e8f6b85b351a81801d1fe4560341aaa5c95d50d2f31b6259480f2f6e752fecb0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:10 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 20:07:30 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89472 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	247 KB 87 KB	31ms 31ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 293c5654654af62ffdadb6f42ef7343bbafb55c01d2c9f77a1d2e7aaa300a422 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:10 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89419 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	247 KB 87 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c Requested by Host: gcxiu.com URL: https://gcxiu.com/js/gtm.js?id=GTM-T4FSCDF Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1f71e94a9c9b7c0e44e0c05ef411e221ae015cadcd8ab4b8b2cf55cc9c39e795 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 20:31:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 20:31:10 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 19:03:53 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 89399 x-xss-protection 0 server Google Tag Manager
GET		d636dd3e-0935-46fb-ae0c-21c129738696 https://gcxiu.com/	0 0
GET H3	200	/ www.google.de/pagead/1p-conversion/721484514/ Redirect Chain https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW... https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq... https://www.google.de/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq5...	42 B 64 B	70ms 31ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq5yZnYPuiAMVAZz9Bx1X9wY_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfZPVb1LPOBlQ5aA1Bhnq2dp1sErWblg&random=322882692&ipr=y Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.de/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=1346848408&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIq5yZnYPuiAMVAZz9Bx1X9wY_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfZPVb1LPOBlQ5aA1Bhnq2dp1sErWblg&random=322882692&ipr=y pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.de/pagead/1p-conversion/721521220/ Redirect Chain https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx... https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpq... https://www.google.de/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpqG...	42 B 64 B	68ms 30ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpqGZnYPuiAMVho79Bx0CIR6JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf5jobxQb3N9ZMoo6aHsPRu2UgSDvcIQ&random=2294764186&ipr=y Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.de/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=387402291&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMIpqGZnYPuiAMVho79Bx0CIR6JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnf5jobxQb3N9ZMoo6aHsPRu2UgSDvcIQ&random=2294764186&ipr=y pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.de/pagead/1p-conversion/856479406/ Redirect Chain https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW... https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmx... https://www.google.de/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmxA...	42 B 64 B	67ms 36ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmxAg&pscrd=IhMImaGZnYPuiAMV2Jn9Bx1SlhhEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfste-yLWXTG2AzjKhcKNyFK3spKJXpg&random=3085209594&ipr=y Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.de/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1636462092&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjqxrECCKPFsQIIkcmxAg&pscrd=IhMImaGZnYPuiAMV2Jn9Bx1SlhhEMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfste-yLWXTG2AzjKhcKNyFK3spKJXpg&random=3085209594&ipr=y pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	tc_imp.gif obs.segreencolumn.com/tracker/	43 B 102 B	105ms 102ms	Image image/gif	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e9cf34ee418c949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a178d6a2717071a10acf9f29f671dd4d6880629391df87c7751d63fd662c501610d279a52550d35000cc0bd691977be26bb25cb43e2913bf05365ac5c7e721bda53ee46f49483df3dbb2907fe7fcaf900658b0e3512734193850162a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7278ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82d8e26b96660cd8f99a794e43fe666dfac14661e88af3208805fe14ba831dc64ed9d36d9a6d279c9827da6d92cefab6cdb3f11338ae6bf2fbb9234e2beb802bc9f15ce01a1b1e8b020ddc8ecfc0d0eec57e882cd7deeddb36ae6c7c37957527d4ccc01f7c9ea872eb59a7b56ad639ef7d0213078276a80e9c9ffd31f8973fc31bf79fdbcb27d6190423bd5f1e1326097fcdab70e257c6cdc76ae59266e99b29d994e2f371cfe8a7532630c8ec5d65d5bc0e5614dfeaa26cb62788f64eb9b25dee25f56fd12a8006ddba21d50635a6f2806c543c630a36085e11b6e08c6cd202ab444e4329fba84edf981808e2b9dfbabc6bdeece4fc84f0b3f04b4f3ffa5b87b6596d845f6407ca60557270eb78a87f05dfeac261967dd1258ab731cbb80ff4671d75655b280196d2e5c53d7c579d104491d5dfb2aeb00d71edc8c401d291717b8b95537521eb8dcb1564ee7397558d1bfd3e9c10dcc012fcbc34eb85dfb89c072bede865668a07c6f2f7cf118e70265240cd3c515aa3a2418eeb16cd919acc52cb8e99400a5e06c740ec42d935b6fe0af45227335d283f3fb74884ea5e49ab2d84fee73fd9d35fd82537fe6d237fceac8855048c24a2d74f84153b0156ae6f79c0bddd6bc85e2288c54ef0cdd7fe9c509a00006007f874265b80824c01f82eedfedd3fd090bf5f4f76a3763257479c4212f493ed1b188c702e90c4c553c3d4a6dd0074ef22b10676449d0d3175dcd0044897c4ba959bf261bd65f5358c7b969d0892bca46862a2&cri=kSFVY6vry3&ts=422&cb=1727814670051 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, no-store, must-revalidate content-length 43 date Tue, 01 Oct 2024 20:31:10 GMT pragma no-cache content-type image/gif
GET		eca43000-285e-4180-989a-fd246c362554 https://gcxiu.com/	0 0
GET H2	200	/ www.facebook.com/tr/	0 124 B	11ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814670078&sw=1600&sh=1200&v=2.9.170&r=c2&ec=1&o=4124&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=cf4c5f&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3626, tp=-1, tpl=-1, uplat=1, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 20:31:10 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 847 B	46ms 44ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814670078&sw=1600&sh=1200&v=2.9.170&r=c2&ec=1&o=4124&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=cf4c5f&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420907502103989192"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 20:31:10 GMT content-type image/png vary Accept-Encoding x-fb-debug nlb/LZkMvk3FxfPpNNMyKxmw5A4fukVCFQ42/dJ5FGEOHOyYJJg+qpndlSenEHGYR7DIfeYsAVVUjmEYj6oyKA== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420907502103989192", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=6749, tp=-1, tpl=-1, uplat=37, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ www.facebook.com/tr/	0 103 B	11ms 10ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814670080&sw=1600&sh=1200&v=2.9.170&r=c2&ec=2&o=12316&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=aadb5d&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&cas=24333884979543306&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3763, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 20:31:10 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 845 B	50ms 48ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com&rl=&if=false&ts=1727814670080&sw=1600&sh=1200&v=2.9.170&r=c2&ec=2&o=12316&fbp=fb.1.1727814669852.638196303405409487&pm=1&hrl=aadb5d&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&cs_cc=1&cas=24333884979543306&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420907501772929528"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 20:31:10 GMT content-type image/png vary Accept-Encoding x-fb-debug EinfcFfB7kv7wO+3/hGeXa0oBhb9JiYf6uMbx0gTzmR2XfUK8Jzoq2mUkBsM/v5+DMsb+Sf80nS3MccVx4mpkQ== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420907501772929528", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=8485, tp=-1, tpl=-1, uplat=38, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	/ www.facebook.com/tr/	0 32 B	11ms 9ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rl=&if=false&ts=1727814670082&sw=1600&sh=1200&v=2.9.170&r=c2&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3763, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 20:31:10 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 845 B	46ms 45ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rl=&if=false&ts=1727814670082&sw=1600&sh=1200&v=2.9.170&r=c2&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1727814669703&coo=false&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420907502899607134"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 20:31:10 GMT content-type image/png vary Accept-Encoding x-fb-debug LI7jYKsXjKmxK+0HCENa1UmGsVnm8yUHxsqw9IgPpQhflfv0R1xloVYMQwnonu708/xWRSNdHdCC0rZz3nf1Kw== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420907502899607134", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=7618, tp=-1, tpl=-1, uplat=37, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/721484514/	6 KB 3 KB	29ms 28ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/721484514/?random=1727814670111&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 70059120c83ea270c8b14be8bb78fb7b1973c25b84c30a297a9449ae0a2cbb51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2682 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/721521220/	6 KB 3 KB	40ms 40ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/721521220/?random=1727814670136&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 31ae300480fa76248998e9278c9506f776b314e87bcda89056e6763f1c9401d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2676 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/856479406/	5 KB 3 KB	27ms 26ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/856479406/?random=1727814670163&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ccb8cb11d3eabaf92d51cce936cf73924706cc4721d2e70e953d9b5e1da65cf1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2655 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	p i.smartnews-ads.com/	2 B 645 B	809ms 276ms	Image text/plain	52.194.158.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.smartnews-ads.com/p?id=d650045319e0726eca67e9c1&t=1727814670&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=fed0e49e-d2a8-42ff-8d26-65e3ae0f12e1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.194.158.90 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-194-158-90.ap-northeast-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers date Tue, 01 Oct 2024 20:31:10 GMT content-type text/plain; charset=utf-8 content-length 2
GET H/1.1	200 OK	smallest.png i6.smartnews-ads.com/	95 B 474 B	61ms 14ms	Image image/png	2a02:26f0:3500:f95::322 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i6.smartnews-ads.com/smallest.png?id=d650045319e0726eca67e9c1&t=1727814670&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=fed0e49e-d2a8-42ff-8d26-65e3ae0f12e1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:f95::322 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers ETag "71a50dbba44c78128b221b7df7bb51f1" Connection keep-alive x-amz-request-id RJMS1VDRVY6MFEJ4 Accept-Ranges bytes Content-Length 95 Date Tue, 01 Oct 2024 20:31:10 GMT Last-Modified Wed, 09 Feb 2022 07:40:21 GMT Content-Type image/png Server AmazonS3 x-amz-id-2 vAO7BgWF1unR+/IWEZ3aaUVF0OFkPIwvoz5BDHA3FEe8sdz4AvuBf7JdPJcafvRhshPnBy4VUFA=
GET H2	200	p i.smartnews-ads.com/	2 B 648 B	752ms 276ms	Image text/plain	52.194.158.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.smartnews-ads.com/p?id=20e53d0c41d51e3a8a128563&t=1727814670&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=fed0e49e-d2a8-42ff-8d26-65e3ae0f12e1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.194.158.90 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-194-158-90.ap-northeast-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers date Tue, 01 Oct 2024 20:31:10 GMT content-type text/plain; charset=utf-8 content-length 2
GET H/1.1	200 OK	smallest.png i6.smartnews-ads.com/	95 B 474 B	14ms 13ms	Image image/png	2a02:26f0:3500:f95::322 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i6.smartnews-ads.com/smallest.png?id=20e53d0c41d51e3a8a128563&t=1727814670&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=fed0e49e-d2a8-42ff-8d26-65e3ae0f12e1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:f95::322 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers ETag "71a50dbba44c78128b221b7df7bb51f1" Connection keep-alive x-amz-request-id RJMS1VDRVY6MFEJ4 Accept-Ranges bytes Content-Length 95 Date Tue, 01 Oct 2024 20:31:10 GMT Last-Modified Wed, 09 Feb 2022 07:40:21 GMT Content-Type image/png Server AmazonS3 x-amz-id-2 vAO7BgWF1unR+/IWEZ3aaUVF0OFkPIwvoz5BDHA3FEe8sdz4AvuBf7JdPJcafvRhshPnBy4VUFA=
GET H3	200	/ www.google.de/pagead/1p-conversion/721484514/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_c... https://www.google.com/pagead/1p-conversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_... https://www.google.de/pagead/1p-conversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_e...	42 B 64 B	32ms 32ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCKLFsQIIkMmxAkonZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIhPSZnYPuiAMVPpn9Bx1o3Se1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pckk5b2lKbkZsODBXVFlmYWRSX3RiM3VCQjFuRVdPeXlXanNJTjU0aXF2ZU9FazNWNUJQT3Jn&is_vtc=1&cid=CAQSKQDpaXnffZj00Z9K_iNk6zGZdbarOqP_sWkZkgGBX55g7ZY14p-umfN2&random=911610945&ipr=y Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.de/pagead/1p-conversion/721484514/?random=1220763446&cv=11&fst=1727814670111&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECCKLFsQIIkMmxAkonZXZlbnQtc291cmNlPW5hdmlnYXRpb24tc291cmNlLCB0cmlnZ2VyWgMKAQFiBAoCAgM&pscrd=IhMIhPSZnYPuiAMVPpn9Bx1o3Se1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pckk5b2lKbkZsODBXVFlmYWRSX3RiM3VCQjFuRVdPeXlXanNJTjU0aXF2ZU9FazNWNUJQT3Jn&is_vtc=1&cid=CAQSKQDpaXnffZj00Z9K_iNk6zGZdbarOqP_sWkZkgGBX55g7ZY14p-umfN2&random=911610945&ipr=y pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.de/pagead/1p-conversion/721521220/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1... https://www.google.com/pagead/1p-conversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm... https://www.google.de/pagead/1p-conversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma...	42 B 64 B	33ms 33ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-vqbnYPuiAMV-pH9Bx2qvhoNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck03Xy1FLUtkVzVlNmxQU2ZTWWp1T0pjT0p0QkFaSWZYeTlkdWJvUkdoUmVyUXZDcFZNdWN3&is_vtc=1&cid=CAQSKQDpaXnf_xe9GtQS8wg9u9uc02JvXuJT3qJsZcPB_1_f6cLfnJWhhPJv&random=3609422737&ipr=y Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.de/pagead/1p-conversion/721521220/?random=475456870&cv=11&fst=1727814670136&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJDJsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-vqbnYPuiAMV-pH9Bx2qvhoNMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck03Xy1FLUtkVzVlNmxQU2ZTWWp1T0pjT0p0QkFaSWZYeTlkdWJvUkdoUmVyUXZDcFZNdWN3&is_vtc=1&cid=CAQSKQDpaXnf_xe9GtQS8wg9u9uc02JvXuJT3qJsZcPB_1_f6cLfnJWhhPJv&random=3609422737&ipr=y pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.de/pagead/1p-conversion/856479406/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1... https://www.google.com/pagead/1p-conversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm... https://www.google.de/pagead/1p-conversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma...	42 B 64 B	50ms 33ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJHJsQJKFWV2ZW50LXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIxZKdnYPuiAMVO7z9Bx1gCQSYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck9MSmx1MDFSSHBtVWZCeldwcXVvSG5nU1dGY0VTZUJCRUpGNVUtWnpudHlDTkJjaWJMS1Nn&is_vtc=1&cid=CAQSKQDpaXnfViasvKLQ-DFzXh9iDPiqhqKrr2cSLaB0A4L-nHmtlIXZ9M4a&random=446482858&ipr=y Protocol H3 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://gcxiu.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.de/pagead/1p-conversion/856479406/?random=250532407&cv=11&fst=1727814670163&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=1&pscdl=noapi&auid=1997402882.1727814669&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiixbECCJHJsQJKFWV2ZW50LXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMIxZKdnYPuiAMVO7z9Bx1gCQSYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhJodHRwczovL2djeGl1LmNvbS9CVkNoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpd0FyeE5pck9MSmx1MDFSSHBtVWZCeldwcXVvSG5nU1dGY0VTZUJCRUpGNVUtWnpudHlDTkJjaWJMS1Nn&is_vtc=1&cid=CAQSKQDpaXnfViasvKLQ-DFzXh9iDPiqhqKrr2cSLaB0A4L-nHmtlIXZ9M4a&random=446482858&ipr=y pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 20:31:10 GMT x-xss-protection 0 content-type image/gif server cafe
GET		conversion_async.js b99.yahoo.co.jp/pagead/	0 0
GET		/ apm.yahoo.co.jp/rt/	0 0
GET		/ apm.yahoo.co.jp/rt/	0 0
GET		/ apm.yahoo.co.jp/rt/	0 0
GET		/ apm.yahoo.co.jp/rt/	0 0
GET		/ apm.yahoo.co.jp/rt/	0 0
GET H2	200	bf.png a.imgvc.com/i/	105 B 317 B	822ms 274ms	Image image/png	3.114.202.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://a.imgvc.com/i/bf.png?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.114.202.197 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-114-202-197.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash e18875b564162b8d8b8420b49116edac393c2e3e60b3d94d4ccd48e396b1d7d2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://gcxiu.com Referer https://gcxiu.com/ Response headers front-end-https on cache-control max-age=63072000, private expires Thu, 01 Oct 2026 20:31:11 GMT access-control-allow-origin * content-length 105 date Tue, 01 Oct 2024 20:31:11 GMT content-type image/png last-modified Wed, 09 May 2018 15:00:00 GMT server nginx
POST H2	200	event Show response log-v4-insight.kaizenplatform.net/kz/insight/	254 B 476 B	831ms 274ms	XHR application/json	54.65.163.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://log-v4-insight.kaizenplatform.net/kz/insight/event Requested by Host: cdn.kaizenplatform.net URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.65.163.228 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-65-163-228.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 5621b549ff034aaf8765cd381faa21b7e08a70b3427fb07f1fb6b3f000d7c1ab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://gcxiu.com/ Response headers cache-control no-cache,max-age=0 access-control-allow-credentials true expires Thu, 31 Oct 2024 20:31:11 GMT access-control-allow-origin https://gcxiu.com content-length 254 p3p CP="CAO PSA OUR" date Tue, 01 Oct 2024 20:31:11 GMT content-type application/json vary Origin
POST H2	200	mon Show response obs.segreencolumn.com/	0 16 B	129ms 128ms	XHR application/json	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://obs.segreencolumn.com/mon Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://gcxiu.com/ Response headers access-control-allow-origin https://gcxiu.com content-length 0 date Tue, 01 Oct 2024 20:31:11 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE
POST H2	200	mon Show response obs.segreencolumn.com/	0 141 B	121ms 119ms	XHR application/json	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://obs.segreencolumn.com/mon Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://gcxiu.com/ Response headers access-control-allow-origin https://gcxiu.com content-length 0 date Tue, 01 Oct 2024 20:31:11 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE
POST H2	200	mon Show response obs.segreencolumn.com/	0 39 B	114ms 112ms	XHR application/json	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://obs.segreencolumn.com/mon Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://gcxiu.com/ Response headers access-control-allow-origin https://gcxiu.com content-length 0 date Tue, 01 Oct 2024 20:31:13 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE
POST H2	200	mon Show response obs.segreencolumn.com/	0 39 B	108ms 107ms	XHR application/json	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://obs.segreencolumn.com/mon Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://gcxiu.com/ Response headers access-control-allow-origin https://gcxiu.com content-length 0 date Tue, 01 Oct 2024 20:31:15 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE
POST H2	200	mon Show response obs.segreencolumn.com/	0 39 B	102ms 100ms	XHR application/json	2600:1f18:e8a:cd06:e361:a2ce:b047:17c AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://obs.segreencolumn.com/mon Requested by Host: ob.segreencolumn.com URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://gcxiu.com/ Response headers access-control-allow-origin https://gcxiu.com content-length 0 date Tue, 01 Oct 2024 20:31:20 GMT content-type application/json access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

localhost

URL

http://localhost/

Domain

gcxiu.com

URL

blob:https://gcxiu.com/d636dd3e-0935-46fb-ae0c-21c129738696

Domain

gcxiu.com

URL

blob:https://gcxiu.com/eca43000-285e-4180-989a-fd246c362554

Domain

b99.yahoo.co.jp

URL

https://b99.yahoo.co.jp/pagead/conversion_async.js

Domain

apm.yahoo.co.jp

URL

https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814670.6522903&pvid=4m4slyh4t64m1qw8s2w&__lt__cid_valid=true&_impl=ytag

Domain

apm.yahoo.co.jp

URL

https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814670.8130193&pvid=4m4slyh4t64m1qw8s2w&su=a83dd7ef-edc8-4b78-b962-3ed443470743&__lt__cid_valid=true&_impl=ytag

Domain

apm.yahoo.co.jp

URL

https://apm.yahoo.co.jp/rt/?p=A8K4W9L35V&label=&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814671.181593&pvid=4m4slyh4t64m1qw8s2w&su=a83dd7ef-edc8-4b78-b962-3ed443470743&__lt__cid_valid=true&_impl=ytag

Domain

apm.yahoo.co.jp

URL

https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=cheq_invalidUsers&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814670.7834456&pvid=4m4slyh4t64m1qw8s2w&su=a83dd7ef-edc8-4b78-b962-3ed443470743&__lt__cid_valid=true&_impl=ytag

Domain

apm.yahoo.co.jp

URL

https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=cheq_invalidUsers&ref=https%3A%2F%2Fgcxiu.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814671.0500257&pvid=4m4slyh4t64m1qw8s2w&su=a83dd7ef-edc8-4b78-b962-3ed443470743&__lt__cid_valid=true&_impl=ytag