www.gemfinance.co.nz Open in urlscan Pro
143.204.214.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gemfinance.co.nz/
Effective URL:
https://www.gemfinance.co.nz/
Submission: On February 03 via manual (February 3rd 2020, 11:42:50 pm UTC) from AU

Summary HTTP 82 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 27 IPs in 10 countries across 19 domains to perform 82 HTTP transactions. The main IP is 143.204.214.85, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.gemfinance.co.nz.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 5th 2019. Valid for: a year.

This is the only time www.gemfinance.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	143.204.214.85 143.204.214.85	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
3	23.0.46.158 23.0.46.158	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.213.5.196 3.213.5.196	14618 (AMAZON-AES) (AMAZON-AES)
13	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	13.35.253.8 13.35.253.8	16509 (AMAZON-02) (AMAZON-02)
1	122.252.188.126 122.252.188.126	9834 (TRADEME-A...) (TRADEME-AS-NZ Trade Me Limited)
1 4	54.72.27.207 54.72.27.207	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.102 172.217.22.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	3.248.26.129 3.248.26.129	16509 (AMAZON-02) (AMAZON-02)
2	35.181.91.36 35.181.91.36	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
2	34.247.192.223 34.247.192.223	16509 (AMAZON-02) (AMAZON-02)
1	147.75.84.39 147.75.84.39	54825 (PACKET) (PACKET)
5	52.64.136.242 52.64.136.242	16509 (AMAZON-02) (AMAZON-02)
3	151.101.113.175 151.101.113.175	54113 (FASTLY) (FASTLY)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	147.75.102.231 147.75.102.231	54825 (PACKET) (PACKET)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1	104.18.31.173 104.18.31.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
82	27

23 143.204.214.85 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-85.fra53.r.cloudfront.net

www.gemfinance.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.0.46.158 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-46-158.deploy.static.akamaitechnologies.com

service.maxymiser.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.5.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-5-196.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-8.fra6.r.cloudfront.net

www.latitudefinancial.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.252.188.126 (New Zealand)

ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ)

tmda.tmcdn.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.27.207 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-27-207.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f102.1e100.net

9239623.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.26.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-26-129.eu-west-1.compute.amazonaws.com

latitudefinancialservices.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.91.36 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

smetrics.latitudefinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.192.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

cheproximity.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.39 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.64.136.242 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-136-242.ap-southeast-2.compute.amazonaws.com

ge-track.inside-graph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lfs-live.inside-graph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

5467304.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.231 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress10

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.31.173 (United States)

ASN13335 (CLOUDFLARENET, US)

lfs-cdn.inside-graph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	gemfinance.co.nz 1 redirects www.gemfinance.co.nz	2 MB
13	ensighten.com nexus.ensighten.com	192 KB
7	demdex.net 1 redirects dpm.demdex.net latitudefinancialservices.demdex.net cheproximity.demdex.net	4 KB
6	inside-graph.com ge-track.inside-graph.com lfs-live.inside-graph.com lfs-cdn.inside-graph.com	269 KB
6	google-analytics.com www.google-analytics.com	38 KB
5	doubleclick.net 2 redirects 9239623.fls.doubleclick.net 5467304.fls.doubleclick.net stats.g.doubleclick.net	2 KB
5	gstatic.com fonts.gstatic.com	59 KB
4	kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	64 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
3	maxymiser.net service.maxymiser.net	33 KB
2	latitudefinancial.com smetrics.latitudefinancial.com	705 B
2	bugherd.com www.bugherd.com	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	google.de ampcid.google.de	462 B
1	google.com ampcid.google.com	533 B
1	googletagmanager.com www.googletagmanager.com	28 KB
1	tmcdn.co.nz tmda.tmcdn.co.nz	110 B
1	latitudefinancial.com.au www.latitudefinancial.com.au
82	19

	Domain	Requested by
23	www.gemfinance.co.nz	1 redirects www.gemfinance.co.nz nexus.ensighten.com
13	nexus.ensighten.com	www.gemfinance.co.nz nexus.ensighten.com
6	www.google-analytics.com	nexus.ensighten.com
5	fonts.gstatic.com	www.gemfinance.co.nz
4	lfs-live.inside-graph.com	nexus.ensighten.com
4	dpm.demdex.net	1 redirects www.gemfinance.co.nz
3	nebula-cdn.kampyle.com	nexus.ensighten.com
3	service.maxymiser.net	www.gemfinance.co.nz service.maxymiser.net
2	5467304.fls.doubleclick.net	1 redirects nexus.ensighten.com
2	cheproximity.demdex.net	nexus.ensighten.com
2	smetrics.latitudefinancial.com	nexus.ensighten.com www.gemfinance.co.nz
2	9239623.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.bugherd.com	www.gemfinance.co.nz nexus.ensighten.com
2	fonts.googleapis.com	www.gemfinance.co.nz
1	lfs-cdn.inside-graph.com	nexus.ensighten.com
1	udc-neb.kampyle.com
1	vars.hotjar.com	nexus.ensighten.com
1	script.hotjar.com	nexus.ensighten.com
1	stats.g.doubleclick.net
1	ge-track.inside-graph.com	nexus.ensighten.com
1	static.hotjar.com	nexus.ensighten.com
1	cm.everesttech.net	1 redirects
1	latitudefinancialservices.demdex.net	nexus.ensighten.com
1	ampcid.google.de	nexus.ensighten.com
1	ampcid.google.com	nexus.ensighten.com
1	www.googletagmanager.com	nexus.ensighten.com
1	tmda.tmcdn.co.nz	www.gemfinance.co.nz
1	www.latitudefinancial.com.au	nexus.ensighten.com
82	28

This site contains links to these domains. Also see Links.

Domain
online.gemvisa.co.nz
upload.gemfinance.co.nz
online.gemcreditline.co.nz
online.gemessential.co.nz
www.genoapay.com
documents.latitudefinancial.com.au
www.facebook.com
www.youtube.com
twitter.com
www.linkedin.com
www.instagram.com
assets.latitudefinancial.com

Subject Issuer	Validity	Valid
www.gemfinance.co.nz DigiCert SHA2 Secure Server CA	`2019-02-05` - `2020-02-23`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.maxymiser.net DigiCert SHA2 Secure Server CA	`2019-01-15` - `2020-04-15`	a year	crt.sh
assets.bugherd.com Let's Encrypt Authority X3	`2019-12-14` - `2020-03-13`	3 months	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2019-10-03` - `2020-10-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
latitudefinancial.com.au DigiCert SHA2 Secure Server CA	`2019-10-07` - `2020-10-07`	a year	crt.sh
tmda.tmcdn.co.nz DigiCert SHA2 High Assurance Server CA	`2016-07-19` - `2018-08-29`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
smetrics.latitudefinancial.com DigiCert SHA2 High Assurance Server CA	`2019-01-27` - `2020-05-01`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.inside-graph.com RapidSSL RSA CA 2018	`2019-11-07` - `2021-01-05`	a year	crt.sh
j.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2020-02-03` - `2020-06-11`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.kampyle.com RapidSSL RSA CA 2018	`2019-02-17` - `2020-03-01`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-14` - `2020-10-09`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.gemfinance.co.nz/
Frame ID: AFE87E89284BE6A92A94D138128FC90F
Requests: 78 HTTP requests in this frame

Frame: https://www.latitudefinancial.com.au/assets/cookiemaker-v2.html
Frame ID: AA8B1ED37CA32743143E5D8B234B46D5
Requests: 1 HTTP requests in this frame

Frame: https://9239623.fls.doubleclick.net/activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2F
Frame ID: 71C84AF359C0B335D6AF89633B05D12A
Requests: 1 HTTP requests in this frame

Frame: https://latitudefinancialservices.demdex.net/dest5.html?d_nsid=0
Frame ID: D506E9F5C091CEBF637D47E92F7117F2
Requests: 1 HTTP requests in this frame

Frame: https://5467304.fls.doubleclick.net/activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594
Frame ID: D2D5F6C184631FA12B6CB3E8076A2355
Requests: 1 HTTP requests in this frame

Frame: https://cheproximity.demdex.net/dest5.html?d_nsid=0
Frame ID: 86DF3F27AAF80844E2D347422847137D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 9D309DDD6B886F2D3C5674770E236AAE
Requests: 1 HTTP requests in this frame

Frame: https://lfs-live.inside-graph.com/bridge.html?target=https%3A%2F%2Fwww.gemfinance.co.nz&cluster=lfs&account=IN-1000505
Frame ID: EA87B8403586C5B924AFE2B6FA7FC634
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.gemfinance.co.nz/ HTTP 301
https://www.gemfinance.co.nz/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

82
Requests

99 %
HTTPS

26 %
IPv6

19
Domains

28
Subdomains

27
IPs

10
Countries

2310 kB
Transfer

5533 kB
Size

26
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://online.gemvisa.co.nz/access/login
Title: Gem Visa Log in

Search URL Search Domain Scan URL

URL: https://upload.gemfinance.co.nz/fileupload/income?cardType=gemvisanz
Title: Upload Documents for Gem Visa

Search URL Search Domain Scan URL

URL: https://online.gemcreditline.co.nz/access/login
Title: Gem CreditLine Log in

Search URL Search Domain Scan URL

URL: https://upload.gemfinance.co.nz/fileupload/income?cardType=creditlinenz
Title: Upload Documents for Gem CreditLine

Search URL Search Domain Scan URL

URL: https://online.gemessential.co.nz/access/login
Title: Gem Essential Log in

Search URL Search Domain Scan URL

URL: https://online.gemessential.co.nz/access/registration
Title: Register for Gem Essential Online

Search URL Search Domain Scan URL

URL: https://upload.gemfinance.co.nz/fileupload/income?cardType=gemessentialnz
Title: Upload Documents for Gem Essential

Search URL Search Domain Scan URL

URL: https://www.genoapay.com/how-it-works/
Title: Find out more

Search URL Search Domain Scan URL

URL: https://documents.latitudefinancial.com.au/
Title: Secure Documents

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GemFinance/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4OODvUJswoDRTS_xFCCXcw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/latitude_fs
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/latitude-financial-services
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gem_finance/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://assets.latitudefinancial.com/legals/product-disclosure-statements/nz/pds.pdf
Title: Disclosure statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gemfinance.co.nz/ HTTP 301
https://www.gemfinance.co.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778

Request Chain 51

https://9239623.fls.doubleclick.net/activityi;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2F HTTP 302
https://9239623.fls.doubleclick.net/activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2F

Request Chain 56

https://cm.everesttech.net/cm/dd?d_uuid=10768719564230033311738845865453323304 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjiv6AAAAcw9yS3-

Request Chain 64

https://5467304.fls.doubleclick.net/activityi;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594 HTTP 302
https://5467304.fls.doubleclick.net/activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594

82 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gemfinance.co.nz/
Redirect Chain

http://www.gemfinance.co.nz/
https://www.gemfinance.co.nz/

520 KB
98 KB

1790ms
1705ms

Document
text/html

143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3f2c587f2c9128e109862e23e14bb5941d9f268d8729b4d1adedadb1fc14565

Request headers

:method: GET
:authority: www.gemfinance.co.nz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
content-type: text/html
x-amz-id-2: PKcOqL+x342BQYnKgoetSig1cPlJ+bJ4QZ3vkbsFco7PICpc18TeqIJg9x1yO0Lqi9m2cAvhnIA=
x-amz-request-id: CFFCE0DFCB208F20
date: Sun, 02 Feb 2020 23:36:09 GMT
last-modified: Sun, 02 Feb 2020 23:31:18 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qh9S.aHmHzyw2unW2_nU_smZSL6F34R7
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pijtxLXIuqVjBWZnEuzuh7VIbvHRdxb85GO0ueoly6TznLu2fwxXmg==

Redirect headers

Server: CloudFront
Date: Mon, 03 Feb 2020 23:42:28 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.gemfinance.co.nz/
X-Cache: Redirect from cloudfront
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: Yl5LIQsZvaQvXlRDyY9zL9fJdSvMyshep9ZgbCgRMDewdDoCsT6hTQ==

GET
H2 200 css
fonts.googleapis.com/ 13 KB
919 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,400,500,700

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0aa014ee9f823bd803632a191c7f71563657d40f47868a3127b831acfb6bb180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 23:42:30 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 23:42:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:42:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
658 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,800,600&display=swap

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b30c0ab3dfb6a0382cf776520dc8163c0fa4579fb7b25f0d8e28400e560f58f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 23:42:30 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 23:42:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:42:30 GMT

GET
H2 200 mmapi.js Show response
service.maxymiser.net/api/eu/latitudefinancial.com.au/ec76cc/ 15 KB
6 KB 112ms
39ms Script
application/x-javascript 23.0.46.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/api/eu/latitudefinancial.com.au/ec76cc/mmapi.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.46.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-46-158.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 46cc66e18d8dec077bdb1138c7a76485c0c5dee780df871f03d8d5a46d4eaa15

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:30 GMT
content-encoding: gzip
last-modified: Fri, 14 Sep 2018 08:00:00 GMT
server: AkamaiNetStorage
access-control-allow-origin: *
etag: "cde978ad9947cd0fae5cd62487d27f4d:1536912001"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=10
accept-ranges: bytes
content-length: 5774

GET
H2 200 ensighten.js Show response
www.gemfinance.co.nz/ 91 KB
33 KB 542ms
542ms Script
application/javascript 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/ensighten.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7d7b731566ce98e600439cc4630014488c74473fed5c1397c5964bd4ba7893c

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:10 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:15 GMT
server: AmazonS3
x-amz-request-id: D5FF429B90C08045
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yAa6qa_y6LiRELoVTyCwljqM0T4VH_95
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: BFDBt-rp9KYSIgoWdFFzm6qsQFLEPzUoBqxCnElu7HuclZo3D3rCBg==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: 3kgwmEK5wlcsiY1ROV1Okm8qylZkWvEe4K0f17d3YRjgB9iYAFcygZOqvTbXMtYJVgWoiuQxb4M=

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 43 B
572 B 346ms
133ms Script
text/javascript 3.213.5.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=k8x4tdkkpaylbl47h1vpyq

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.5.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-5-196.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Runtime: 0.024685
Date: Mon, 03 Feb 2020 23:42:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Cowboy
Etag: W/"3998af358e95499d4d29c84852d0bd38"
X-Frame-Options: SAMEORIGIN
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate
Connection: close
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
X-Request-Id: 5ef2ad96-0d6d-413f-b1c0-9c8627aca6af

GET
H2 200 styles-cb76bcf5911efd0cd8a0.js Show response
www.gemfinance.co.nz/ 2 KB
933 B 1358ms
1358ms Script
application/javascript 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/styles-cb76bcf5911efd0cd8a0.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4133b369cdc8553ca45fd092ac5ba0c0c2024109a66295d5d11238db1e1f3a47

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:32:01 GMT
server: AmazonS3
x-amz-request-id: 897C204123CA1C86
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: KQH7sz0rBvVFCjnPAIa4LxhnkYSfpDm0
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: FwEbtzvLs51SkibhKCx6sX7LDF7Ev1CqeksXpELv-gjGqiSHRgX8kg==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: yCrk9lawqNXcj7IZPaDOV0BRCBtNNy/KGHQ/6MLJsKjwkXQ4ooj2q4Y4gRvwO2sJzStVKBRXP+c=

GET
H2 200 component---src-pages-index-js-8e2178b5b66a4451400e.js Show response
www.gemfinance.co.nz/ 218 KB
106 KB 1169ms
1169ms Script
application/javascript 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/component---src-pages-index-js-8e2178b5b66a4451400e.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24e1ce0661b745f813e81ac0e8c4dde6c48dbf3ff4c61a43d40fad120a6980bc

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:13 GMT
server: AmazonS3
x-amz-request-id: 65F82E15F1DB0DC7
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: mt_Y2TAJKAO0A6q9bZ7wUxki7VbnkjDG
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: dDf9CZFunFCfKmEdmFgCVmiAeboyJhQoGqDym9M3SniHD4R07aoeSg==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: QbP3a1926ztFddxfHPKV6434uBd4yYMSa9K48fEy3HTKgGqdCxCN3O/c/fN+QJAlcbX3W400dco=

GET
H2 200 commons-41cdef2ed0c217d5f6f6.js Show response
www.gemfinance.co.nz/ 871 KB
330 KB 844ms
843ms Script
application/javascript 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/commons-41cdef2ed0c217d5f6f6.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b664f985cd88cfe1e88bbcb011ca76a726d0da31b49baaad232094b1e3f7aebe

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:10 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:12 GMT
server: AmazonS3
x-amz-request-id: 2C97AB6C835A8020
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: sV7504irRLNcL3yHAmlJPi7LEh2VAW_H
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: R-JA5fFH8g9c_Ww7seLgvNQ5FaGIRZUkB6srY6LBUEVlyXfbOwMXcg==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: Tcdrv0ocT7vVAg7vC+cjyiH6v7/kiSic+jjR1EuCdGMMHQC+RA6QMZol23QbU5ZJNg+RK0vsdn0=

GET
H2 200 app-8472c6cb5f0020b7b0fe.js Show response
www.gemfinance.co.nz/ 103 KB
34 KB 823ms
823ms Script
application/javascript 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/app-8472c6cb5f0020b7b0fe.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e59ed68ef17759caf8ec8e2ae843255b25783d47db4feef6a9661f0d5774d7e9

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:03 GMT
server: AmazonS3
x-amz-request-id: 7A77F5FB1AF34312
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: rZbpNPXdSU_Juvp64nW_ntEN4L7TfD0v
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: dSSy98W2YpnTsIeEGceWIM_3XUjjKw8I15DoEoldX28tZAiUlhFK6g==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: 2atubaa/ITFfmrkrTjjVSVVXLIew02jQz6V5H9HF13E64j7ZEwJEBnrZA/ma9QoYWK+88gUDeTs=

GET
H2 200 webpack-runtime-8459ca151f58aa8d9734.js Show response
www.gemfinance.co.nz/ 5 KB
2 KB 769ms
769ms Script
application/javascript 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/webpack-runtime-8459ca151f58aa8d9734.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e152c14b56cbc7ab6f71b0c982742e7f6ecd4359b56ff7868c0bcd0f03111c12

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:32:02 GMT
server: AmazonS3
x-amz-request-id: 201E0A17F3C222C7
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: ugdtHtc9HYGcVFWirAVEbLjrmAn9aJkk
status: 200
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: j_C78scAHcWKcWZLtPScR_Rp0CvOwA_FwKQ0VRonIAW5Sk2mUg4M-g==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: l8jOoB8mITb3OyZ8URwWRpTzVTNu9CWhCK9iKemIFhAfA3RGldS5GdBsAupeqYhlVRMDJRmmxhY=

GET
H2 200 page-data.json
www.gemfinance.co.nz/page-data/index/ 131 B
623 B 1173ms
1172ms Other
application/json 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/page-data/index/page-data.json
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab6d818c8d1c47c2015d4784cfe517801b90f645f8c4792fdac3ed66ec865593

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 0290BB6FE255C6D3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 131
x-amz-id-2: 7FVQIEFLr4897sQsVqSK4ypiBTDngweRBr5lsEzK2SArIn1/M+Bhq/q+wbzYKDbcOLfmDOexeag=
last-modified: Sun, 02 Feb 2020 23:31:36 GMT
server: AmazonS3
etag: "afe1406463a0178127280b6085ae75fa"
x-amz-version-id: 5DlPza.bvBgHqknCYX6L3IbqN2RNjVvG
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: 8Es97phQoCPDLYbK-VeRZinXrOTSTNeHyKP4xF6ytVEefLkXKmNvpg==

GET
H2 200 gem-latitude-logo-blue.svg
www.gemfinance.co.nz/media/ 3 KB
2 KB 1052ms
1052ms Image
image/svg+xml 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/media/gem-latitude-logo-blue.svg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31ffb5152801d3ccffbdc3b2db2ad492a454d785f095a395fec29f26f9dc0396

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:27 GMT
server: AmazonS3
x-amz-request-id: D520EAE5FD8B0E8B
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: PPnSYk89ROBTV44tAubRoHwwD8B6t1Kq
status: 200
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
x-amz-cf-id: AgQ_LpwjhIKXRbELFWgUKBEV5lDPz04dQ6zMPz0kOa6SvWM2f9sFGQ==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: EOH5Q4JUiPYRhRsUh9lD7SB5QjZxejBNQmPKWcPr4S7oxVu1L20mom8Yq5VBLzre+BMfyfVIvBE=

GET
H2 200 frame-pay-faster@2x-9a76402344a49039461e70741fb80db4.jpg
www.gemfinance.co.nz/static/ 71 KB
72 KB 999ms
999ms Image
image/jpeg 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/frame-pay-faster@2x-9a76402344a49039461e70741fb80db4.jpg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97063949d312ad5789ac8b66f5506093bd05b0147c2ab010656f86b0a226c641

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 9633B99FEFD66832
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
content-length: 73047
x-amz-id-2: gl9ityW+ci8tLJplWCe27J0RLzYK5XLY4R50T+LBZrkgIS+PE0Ca1xHOz2kH2KWj4bHpRsGDtag=
last-modified: Sun, 02 Feb 2020 23:31:56 GMT
server: AmazonS3
etag: "9a76402344a49039461e70741fb80db4"
x-amz-version-id: Spvhg4KurpjyKTsYVxAqQcH92xAUg5kX
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: Rl10lMWOTy0L9TWYQIyO_zxGjgTa5EyGGYBS5zvc78RDe8Gz3sS4bg==

GET
H2 200 important-car2-ceb2c9ec3e32c98558524b4a0397f5d3.jpg
www.gemfinance.co.nz/static/ 79 KB
79 KB 513ms
512ms Image
image/jpeg 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/important-car2-ceb2c9ec3e32c98558524b4a0397f5d3.jpg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03c1b2be2b300f7c3579ab797f4d2e289923cea1d72879618a4e4d79595d7de5

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: FE77EC66AAFB538E
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 80652
x-amz-id-2: 2bQYUhWRt3jyqN8H/Pzo4MOa6P7GzhgcxiB8KaVc6whAn39fU21jAaQUAZZ1fA9+2MZcHYSnt8o=
last-modified: Sun, 02 Feb 2020 23:31:58 GMT
server: AmazonS3
etag: "ceb2c9ec3e32c98558524b4a0397f5d3"
x-amz-version-id: YsaZFPeUUP2jBABspnoUUZxso70zt9T5
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: R9uaqrvS81TpXGUhONH7M2TGYMlTaSoRilrrIQhTQ97KFEyTvPW2jg==

GET
H2 200 important-credit-cards-a3ae4a036ae7eee51174bc463bf3828e.jpg
www.gemfinance.co.nz/static/ 20 KB
20 KB 397ms
396ms Image
image/jpeg 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/important-credit-cards-a3ae4a036ae7eee51174bc463bf3828e.jpg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3aa90cf29e355e1a0074e32cecbcbd429a06a49a5efb25cd6f2400bad40738d

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 6D43FD06E57EBC8F
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 20271
x-amz-id-2: P0kHuZ6vkzF3MRNZAl9jwfOM2mPSYKa0+hlt/s/cvjsMW93M53mZUevUzHvTvIP3NlG3rFE3Kqk=
last-modified: Sun, 02 Feb 2020 23:31:58 GMT
server: AmazonS3
etag: "a3ae4a036ae7eee51174bc463bf3828e"
x-amz-version-id: ykRFQoEsvTyum9NL9obdx3wZOAxh2CxF
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: RaOwVKrx0bmyeJw1_BVRSzzwV5OPppfJDBLOVAr5FdDJ8R_UoKUC5g==

GET
H2 200 important-loans-dec7132e01eafe8011d31279a83ae1a6.jpg
www.gemfinance.co.nz/static/ 27 KB
27 KB 723ms
722ms Image
image/jpeg 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/important-loans-dec7132e01eafe8011d31279a83ae1a6.jpg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31413e9ff6749fc1f8e425e2567bd65d75823ce2fdc8734580407600f167c704

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: E5C4E541EC199C57
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 27619
x-amz-id-2: ev2ZUpnb9WhGTkY+DRUSm5vr9TP4JE4Nxz/hfm316fd3hsGvr9AkZMcV9CEoSUHScc1ulkV8ugk=
last-modified: Sun, 02 Feb 2020 23:31:58 GMT
server: AmazonS3
etag: "dec7132e01eafe8011d31279a83ae1a6"
x-amz-version-id: RDqK6kHa7sAH3GFcI3VNvCvU1JTrsisb
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 21Kz9JNKrnhDaHpg91DPrxZU_YAomAMAkDBJ0qxI5x249x6r8-H_Rw==

GET
H2 200 important-insurance-2803d34b8e809154b842ff2007a96579.jpg
www.gemfinance.co.nz/static/ 18 KB
19 KB 412ms
412ms Image
image/jpeg 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/important-insurance-2803d34b8e809154b842ff2007a96579.jpg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b9a4cba4a5c17b318176b60275c1da1f215cc40a76d85e36dbdb3506a357856

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: qf2THslwJj.5dDpL6x7b165G5gMgkXWK
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: A61D157141F9BA69
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
date: Mon, 03 Feb 2020 23:42:32 GMT
content-length: 18858
x-amz-id-2: fW1VM6PUqZpjd3dXsin3Hp5OXr0qgA3Zp1b9CCqj8fur4MzZk8J2DY+rkrNv8Il2rHA++KOX+aw=
last-modified: Sun, 02 Feb 2020 23:31:58 GMT
server: AmazonS3
etag: "2803d34b8e809154b842ff2007a96579"
content-type: image/jpeg
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: AZMEvi5ifwbrKSptdvCCmeZO9tJzxtrupEwhiUTmYxzPF_bE44N0kA==

GET
H2 200 TrendyHipster-9b81952e17770868d57e1df69b255cb7.jpg
www.gemfinance.co.nz/static/ 115 KB
116 KB 505ms
504ms Image
image/jpeg 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/TrendyHipster-9b81952e17770868d57e1df69b255cb7.jpg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecfb83aca2e1d5fa04c0dcef8055ac673f70763debc2091581af6356ea008768

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 25F858CE6B43B375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 117780
x-amz-id-2: UecZSueETc/X8A1yr4NqLdT+4MByG3Li/9qg0qKkHM3QIEsz6NP6e93ErCrMvp3Urk7VruwI5yM=
last-modified: Sun, 02 Feb 2020 23:31:54 GMT
server: AmazonS3
etag: "9b81952e17770868d57e1df69b255cb7"
x-amz-version-id: ZjKYwX8qor52fXBZVz.OOUduUT4PrLFx
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: rhiEgBwYWZHRR7JCzLJ65e3iRsNS4--ER2NJYWY0uuKw98Z_nedGJw==

GET
H2 200 Genoapay_logo-60c3eac92a75e804d8d2e1354a666d84.png
www.gemfinance.co.nz/static/ 14 KB
14 KB 679ms
679ms Image
image/png 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/Genoapay_logo-60c3eac92a75e804d8d2e1354a666d84.png
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae06907693d310af33fbee160a0bb4ba3c47f8a7a2fc03b321eb6811877d0c23

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 88410307A7A212AC
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 14286
x-amz-id-2: s6r68PMLJLr6ayOUBKhEnre3QsTE/jWwK8XO0+YI4ars1nJvTt6umr2dmdSEdfeZEeLkV6n5KVU=
last-modified: Sun, 02 Feb 2020 23:31:54 GMT
server: AmazonS3
etag: "60c3eac92a75e804d8d2e1354a666d84"
x-amz-version-id: 1ph5RR6HbWKJxFPxZka_zStqMSktgWJg
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: iGREX2yUmGQCK7wdD4dKWsIhWxjyR9KMz10pNe2ThCIxcV5m2cQe0g==

GET
H2 200 / Show response
service.maxymiser.net/cg/v5/ 8 KB
3 KB 40ms
40ms Script
text/javascript 23.0.46.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://service.maxymiser.net/cg/v5/?fv=dmn%3Dlatitudefinancial.com.au%3Bref%3D%3Burl%3Dhttps%253A%252F%252Fwww.gemfinance.co.nz%252F%3Bscrw%3D1600%3Bscrh%3D1200%3Bclrd%3D24%3Bcok%3D1&lver=1.13&jsncl=mmRequestCallbacks%5B1%5D&ri=1&lto=60&jrt=s

Requested by

Host: service.maxymiser.net
URL: https://service.maxymiser.net/api/eu/latitudefinancial.com.au/ec76cc/mmapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.0.46.158 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-0-46-158.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e902abbd3d686dcace5f3f3313c9a885ec3c9d165920ca89f8b9883f67a4df60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 23:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: 02/03/2020 23:42:30
server: nginx
vary: Accept-Encoding
p3p: CP="DEV IND NOI OTC OUR PSA PSD"
status: 200
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
content-length: 2436
content-type: text/javascript; charset=utf-8
x-node: fravwcgeu11
expires: Sun, 06 Jan 1980 01:00:00 GMT

GET
H2 200 mmpackage-1.19.js Show response
service.maxymiser.net/platform/eu/api/ 77 KB
24 KB 44ms
44ms Script
application/x-javascript 23.0.46.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.maxymiser.net/platform/eu/api/mmpackage-1.19.js
Requested by: Host: service.maxymiser.net
URL: https://service.maxymiser.net/api/eu/latitudefinancial.com.au/ec76cc/mmapi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.46.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-46-158.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a8a0ef1cc98c851f89567986121f785d33e1d99dbc4465546565ab8a64263f32

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 03 Feb 2020 23:42:30 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 07:16:25 GMT
server: AkamaiNetStorage
etag: "abe4d7159c686f19987a27cc295fbafd:1559286985"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24627

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/gecapitalau/prod/ 359 KB
85 KB 138ms
59ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/ensighten.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1beaac63d959f3ea9c3f2a8631b060f60f9997bf22260eb1fa4d8e2cfb3c524b

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
last-modified: Mon, 03 Feb 2020 03:14:18 GMT
server: nginx
etag: W/"5e37900a-59dd3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=300

GET
H2 200 icons-sprite.svg
www.gemfinance.co.nz/media/nz/ 161 KB
49 KB 393ms
392ms Other
image/svg+xml 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/media/nz/icons-sprite.svg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6655bfd864f5d26bafdfb6fe5dd4f23cdf319eb69d5789bcfdb812125b57205

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: Bq3Rx_Wa4WdqiYjLpvZ7TNO1YVGJDPAk
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:29 GMT
server: AmazonS3
x-amz-request-id: D0236063BD9DB362
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
date: Mon, 03 Feb 2020 23:42:32 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wIcOb2KVklQlmEps4AwL_vNmi4O6SX1nIM1-yVcl49DaoshlJAM62g==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: 8P6p7NvjGmBWECYhQM4O+FcxjaXncGocyj/FcJftFYjfAJwaS5OQGCoORFNs1U3MMidgHrRK9U0=

GET
H2 200 icons-sprite-907156b91f10fcef1c29694d58c18c9c.svg
www.gemfinance.co.nz/static/ 161 KB
49 KB 493ms
493ms Other
image/svg+xml 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/static/icons-sprite-907156b91f10fcef1c29694d58c18c9c.svg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea7a04e67f4d1728677af7675e49abc57511cfd93a55b888f42078bf53cfa72f

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:12 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:31:58 GMT
server: AmazonS3
x-amz-request-id: 5257CDC60F4BEE5C
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: TF_Rny62.WVK_OY62FbwoVRl.b7jZgSY
status: 200
x-amz-cf-pop: FRA53-C1
content-type: image/svg+xml
x-amz-cf-id: wpKWETCJ0U6So48Vz32fMHkO8LQlNXFbN4Ms-1ZTbCEx7pgHOBH7-g==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-id-2: u5mhCAfavg7/jO9Et7sLDKXtR7APzgpXlM1xCVZozFn2MvgoiYRr69xHHAm+/bTqIj+QEHYgAik=

GET
H2 404 icons-sprite.svg
www.gemfinance.co.nz/assets/icons/ 0
0 905ms
904ms Other
text/html 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/assets/icons/icons-sprite.svg
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:12 GMT
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 23:30:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: lsMCtju6iXNAo3.xpdQ99h_s23kBmr6.
status: 404
content-type: text/html
x-amz-cf-id: LG-E8W6iwfPoOAV0rwosYyjA5wcmD53FLrV3Py_YkVH3JIekN_a-cA==
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)

GET
H2 200 lframe-home-gem-nz-cf412695f40e3d8c1248db731417edd3.png
www.gemfinance.co.nz/static/ 413 KB
414 KB 733ms
732ms Image
image/png 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/lframe-home-gem-nz-cf412695f40e3d8c1248db731417edd3.png
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1ec95e3d1e8b5711d521574ab0067f396fd80ce84f957f7cbb9ff2009f6d72c

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 7790C9A0BF6BE9D4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
content-length: 422878
x-amz-id-2: NMRrY9QLuIcsObYOVuTG54JV1/OJbHrAy1uE/Yk5iDq5NrrWxogTgbK29gnhk6sThfeKvTjx1ts=
last-modified: Sun, 02 Feb 2020 23:31:59 GMT
server: AmazonS3
etag: "cf412695f40e3d8c1248db731417edd3"
x-amz-version-id: 14j1McTbrYrRxeIJuZFsmlUJLTdkQjRB
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: HAX8L-2eaPrh2rtIqkXVjHS01kpSFvOo11XiyX5KJjjddq8VGU4ajg==

GET
H2 200 lets@2x-a89a10af7dfdbe81eb0551b07e0f816d.png
www.gemfinance.co.nz/static/ 76 KB
77 KB 730ms
730ms Image
image/png 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gemfinance.co.nz/static/lets@2x-a89a10af7dfdbe81eb0551b07e0f816d.png
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3aa978918a5584e1fbf838bdeae63f2b310b64451cddb0864b5493f41ab918bb

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:11 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: 043DC0FBEB3E10F6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
content-length: 78097
x-amz-id-2: qSCdeTXddg6FTKnjEMqH2GMaJFv96FAjm/WDzRnH61jZvzmxX72OubJgq0oipTq6XTwDL+b7GNc=
last-modified: Sun, 02 Feb 2020 23:31:58 GMT
server: AmazonS3
etag: "a89a10af7dfdbe81eb0551b07e0f816d"
x-amz-version-id: DrukxmyWGhwgg5eVMadyK9uuVcH2wVKJ
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: qSbRkNkmVQ4GdloN14h_wghcmQ76bhLhkAdReyyb7jgSSKFeLUNjCg==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 437f0bcf43d715febdd143decc927e70dcb08b5c0199d6b1a9a5464899c08a37

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a4f1f6809a0a616c4ff15b8ac98dd4afbeeb93796c37807a1e1e5a3cc6a5ace

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,800,600&display=swap
Origin: https://www.gemfinance.co.nz

Response headers

date: Fri, 31 Jan 2020 22:51:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 262264
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Sat, 30 Jan 2021 22:51:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,400,500,700
Origin: https://www.gemfinance.co.nz

Response headers

date: Fri, 17 Jan 2020 17:12:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1492215
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Sat, 16 Jan 2021 17:12:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,400,500,700
Origin: https://www.gemfinance.co.nz

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 341532
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Roboto:300,400,500,700
Origin: https://www.gemfinance.co.nz

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 216419
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,800,600&display=swap
Origin: https://www.gemfinance.co.nz

Response headers

date: Mon, 03 Feb 2020 23:17:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 1510
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Tue, 02 Feb 2021 23:17:21 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.gemfinance.co.nz

Response headers

Content-Type: application/font-woff

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/gecapitalau/prod/ 750 B
892 B 42ms
42ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/serverComponent.php?r=77456.65112154161&ClientID=619&PageID=https%3A%2F%2Fwww.gemfinance.co.nz%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3b9582da5483f3fafc35d281c0fa2adef886626c624012080a6b7b1928e855bd

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 03 Feb 2020 23:42:31 GMT
cache-control: no-cache, no-store
expires: Mon, 03 Feb 2020 23:42:30 GMT
server: nginx
content-length: 750
content-type: text/javascript

GET
H2 204 perf.rnc
nexus.ensighten.com/gecapitalau/prod/ 0
106 B 34ms
34ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/gecapitalau/prod/perf.rnc?cid=619&ns=1580773348753&ce=261&cs=177&dc=0&dclee=2882&dcles=2878&di=2878&dl=1969&dle=177&dls=177&fs=176&lee=0&les=0&rede=0&reds=0&reqs=261&resps=1966&respe=2002&scs=197&ues=0&uee=0
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 03 Feb 2020 23:42:31 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 03 Feb 2020 23:42:30 GMT

GET
H2 200 app-data.json Show response
www.gemfinance.co.nz/page-data/ 50 B
545 B 519ms
519ms XHR
application/json 143.204.214.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gemfinance.co.nz/page-data/app-data.json
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-85.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 957b3ca3b30c080dca8c3d90e80f35e57f46c22a657249f223954fe31ba0c26b

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:36:12 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-request-id: FD381CF09DA68DCB
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
content-length: 50
x-amz-id-2: A35zhawLZKc1ZsSEKQ1jKDg3pFdxLrRXqrTHgCaty09nivjBZdD7gWLaKd+lLALN127U/NVy8XQ=
last-modified: Sun, 02 Feb 2020 23:31:36 GMT
server: AmazonS3
etag: "5a2e37ba5f4ad8be5fc4fa958a7c2ad9"
x-amz-version-id: kz7Ujh_iXPjrYXfkcyvGTjSLUIbUai9J
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: VhU5edvnQGsMIWrAkWXwEeVouceSoKZc-GtC-6nhZjVe1BNJDFsh3g==

GET
H2 200 675fc04938ef68862ec34802860f6772.js Show response
nexus.ensighten.com/gecapitalau/prod/code/ 1 KB
763 B 34ms
34ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/code/675fc04938ef68862ec34802860f6772.js?conditionId0=422709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf60a8305067b71c1136ad8b0a72268fe5bbb75dca8f308728a2d2fe52315692

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
last-modified: Fri, 01 Nov 2019 02:34:21 GMT
server: nginx
etag: W/"5dbb99ad-496"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 9e67d4caccb73c12db12718109aedb25.js Show response
nexus.ensighten.com/gecapitalau/prod/code/ 115 KB
39 KB 39ms
39ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/code/9e67d4caccb73c12db12718109aedb25.js?conditionId0=425300
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a71b65d709e63d1616ba066e6172134e3bd5af663e17a286d3163e73ac677cc3

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
last-modified: Wed, 11 Dec 2019 11:24:43 GMT
server: nginx
etag: W/"5df0d1fb-1cb15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 55d955d0262b1db650a3a883d47d2da2.js Show response
nexus.ensighten.com/gecapitalau/prod/code/ 211 KB
63 KB 44ms
44ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/code/55d955d0262b1db650a3a883d47d2da2.js?conditionId0=282619
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8169f81fa78cc6345666c1f86fa83a0dbcefff9ea1a0e73e6659f45447ae769c

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 10:54:57 GMT
server: nginx
etag: W/"5cf64e01-34a53"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 80f79e201e6edb668741ab9da556ce53.js Show response
nexus.ensighten.com/gecapitalau/prod/code/ 10 KB
3 KB 63ms
63ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/code/80f79e201e6edb668741ab9da556ce53.js?conditionId0=463111
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 79bcba4b185c2124d2ce7d01959e1eb9806d3b43082faecebbc7f4edd2039a8c

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 10:54:57 GMT
server: nginx
etag: W/"5cf64e01-26cf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000

GET
H2 200 a6fc2d3d6f44c4e8fc201cc447a28f0d.js Show response
nexus.ensighten.com/gecapitalau/prod/code/ 253 B
435 B 64ms
63ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/gecapitalau/prod/code/a6fc2d3d6f44c4e8fc201cc447a28f0d.js?conditionId0=425302
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1f6a015dff9a1a52d103b839af3108c11aacdfed67288bc180a130d4ea03bef5

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
last-modified: Tue, 04 Jun 2019 10:54:57 GMT
server: nginx
etag: "5cf64e01-fd"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 253

GET
H2 200 cookiemaker-v2.html
www.latitudefinancial.com.au/assets/ Frame AA8B 0
0 243ms
86ms Document
text/html 13.35.253.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.latitudefinancial.com.au/assets/cookiemaker-v2.html
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-8.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: www.latitudefinancial.com.au
:scheme: https
:path: /assets/cookiemaker-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.gemfinance.co.nz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

status: 200
content-type: text/html
x-amz-id-2: 7dbm8+nqXrCbbRhglL0h9W7+4z6svQoFMw9MTD+L/4zqXKpr32rPAT5+gQYuJeXn8GweynuEmaM=
x-amz-request-id: 0106FEB1B7BB69D1
date: Mon, 03 Feb 2020 07:36:11 GMT
last-modified: Mon, 03 Feb 2020 07:25:31 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: sDDW.0SKiCN0r6LHxoxETLbnZlrZDyCT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: HlAT25ZLkOo8jhcaCXTT7gBJw7I6bzrfI9CRCbgLv917FUyB4fnJyA==

GET
H/1.1 204
No Content value=lattitudegemhome
tmda.tmcdn.co.nz/trademe/setid/external=retargeting/ 0
110 B 1529ms
306ms Image
text/plain 122.252.188.126
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tmda.tmcdn.co.nz/trademe/setid/external=retargeting/value=lattitudegemhome
Requested by: Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.252.188.126 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 03 Feb 2020 23:42:33 GMT
Server: nginx/1.12.0

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778
https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778

0
-1 B

127ms
32ms

XHR

54.72.27.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.27.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-27-207.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778
X-TID: BqUl/Lx7QNI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gemfinance.co.nz
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.gemfinance.co.nz
X-TID: BqUl/Lx7QNI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9239623

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd00b0c4a985f8318851c215dec01e9d1d608c999b6914d339c68a21589887d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28466
x-xss-protection: 0
last-modified: Mon, 03 Feb 2020 22:07:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Feb 2020 23:42:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 6841
date: Mon, 03 Feb 2020 21:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 03 Feb 2020 23:48:30 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
956 B 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 209
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 04 Feb 2020 00:39:02 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 22:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3493
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:44:18 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 36ms
14ms XHR
application/json 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gemfinance.co.nz
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfina...
9239623.fls.doubleclick.net/ Frame 71C8
Redirect Chain

https://9239623.fls.doubleclick.net/activityi;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfi...
https://9239623.fls.doubleclick.net/activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.c...

0
0

50ms
50ms

Document
text/html

172.217.22.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9239623.fls.doubleclick.net/activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9239623

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f102.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9239623.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.gemfinance.co.nz/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 03 Feb 2020 23:42:32 GMT
expires: Mon, 03 Feb 2020 23:42:32 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 733
x-xss-protection: 0
set-cookie: IDE=AHWqTUlL2vIposTox4e3ssP1DKmTsemSTZSMtiNL49nB4cwDu17kaOSNkpIvmYBR; expires=Sat, 27-Feb-2021 23:42:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 03 Feb 2020 23:42:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9239623.fls.doubleclick.net/activityi;dc_pre=CPK7-NDHtucCFS7GuwgdK64Kmg;src=9239623;type=rmk;cat=000si0;ord=5652549845689;gtm=2od1m0;auiddc=940297277.1580773352;u1=%252F;u2=www.gemfinance.co.nz;~oref=https%3A%2F%2Fwww.gemfinance.co.nz%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-Feb-2020 23:57:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
462 B 38ms
14ms XHR
application/json 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gemfinance.co.nz
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 384 B
1 KB 38ms
37ms XHR
application/json 54.72.27.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&d_nsid=0&ts=1580773351778

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.27.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-27-207.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d6c611d442f0020c71042ecc05cd0b16f9c5e98bf1717958b2db7d3f39d756cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v058-0202db12c.edge-irl1.demdex.com 5.64.4.20200120100612 4ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: yJkjjmCZQcQ=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gemfinance.co.nz
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 315
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
latitudefinancialservices.demdex.net/ Frame D506 0
0 147ms
32ms Document
text/html 3.248.26.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://latitudefinancialservices.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.26.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-26-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: latitudefinancialservices.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.gemfinance.co.nz/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=10768719564230033311738845865453323304
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Mon, 03 Feb 2020 18:32:04 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=10768719564230033311738845865453323304;Path=/;Domain=.demdex.net;Expires=Sat, 01-Aug-2020 23:42:32 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: IMpcgciWQk8=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
smetrics.latitudefinancial.com/ 49 B
483 B 148ms
30ms XHR
application/x-javascript 35.181.91.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.latitudefinancial.com/id?d_visid_ver=2.0.0&d_fieldgroup=A&mcorgid=B6D9B74F57B2FBE97F000101%40AdobeOrg&mid=10330173304671695911767185138958839260&ts=1580773351981

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

fceded762bafc6e70e74cef6da26d55f4406f2b6d2d13420d90234666b09aa2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 03 Feb 2020 23:42:31 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-778c94b494-9s9xz
vary: Origin
x-c: master-1105.I62e04a.M0-322
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.gemfinance.co.nz
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript
content-length: 49
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Xjiv6AAAAcw9yS3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=10768719564230033311738845865453323304
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjiv6AAAAcw9yS3-

42 B
915 B

33ms
33ms

Image
image/gif

54.72.27.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjiv6AAAAcw9yS3-

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.27.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-27-207.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v058-09d29175d.edge-irl1.demdex.com 5.64.4.20200120100612 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: RBEqF9oVTa4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 03 Feb 2020 23:42:31 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xjiv6AAAAcw9yS3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1 200
OK event Show response
cheproximity.demdex.net/ 625 B
1 KB 160ms
44ms Script
application/javascript 34.247.192.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cheproximity.demdex.net/event?d_nsid=0&d_ld=_ts%3D1580773352136&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1580773352136&d_referer=&c_hash=&c_host=www.gemfinance.co.nz&c_hostname=www.gemfinance.co.nz&c_pathname=&c_protocol=https%3A&c_pageName=gemf%20nz%3Ahome&c_channel=D%3Dc2%2B%22%20-%20%22%2Bc3&c_server=www.gemfinance.co.nz&c_events=event30%2Cevent38&c_prop1=au%20nz&c_hier1=D%3Dc1%2B%22%2F%22%2Bc2%2B%22%2F%22%2Bc3%2B%22%2F%22%2Bc4%2B%22%2F%22%2Bc5%2B%22%2F%22%2Bc7%2B%22%2F%22%2BpageName&c_prop2=au&c_eVar2=D%3Dc2&c_hier2=D%3Dc1%2B%22%2F%22%2Bc2%2B%22%2F%22%2Bc3%2B%22%2F%22%2Bc5%2B%22%2F%22%2BpageName&c_prop3=gemf%20nz&c_eVar3=D%3Dc3&c_hier3=D%3Dc2%2B%22%2F%22%2Bc3%2B%22%2F%22%2Bc4%2B%22%2F%22%2Bc6%2B%22%2F%22%2Bc7%2B%22%2F%22%2BpageName&c_hier4=D%3DpageName&c_prop9=D%3DpageName%2B%22(%22%2Bc8%2B%22)%22&c_prop10=https%3A%2F%2Fwww.gemfinance.co.nz%2F&c_eVar11=direct&c_eVar19=1&c_eVar22=D%3Dc32&c_prop27=D%3Dv1&c_prop28=D%3Dv28&c_eVar28=Not%20Provided&c_prop29=D%3DpageName&c_eVar30=Not%20Provided&c_prop31=Tuesday-9%3A30AM&c_eVar31=D%3Dv33&c_prop32=First%20Visit&c_eVar32=D%3Dv33&c_prop33=Enabled&c_eVar33=direct&c_prop34=1&c_eVar34=direct&c_eVar38=D%3DpageName&c_eVar39=D%3Dv11&c_eVar40=D%3Dv11&c_prop49=id%231%3AStd.Req%3ACOE-DD%3ABWA-7.23%3A2010-10-15%3ABDA-ND%3A2014-04-29&c_prop56=2.0.0&c_eVar73=2.0.0&c_eVar78=D%3Dc60

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ed63682453081d33436e581ca67e43304d449ae18c5d7bb03d106fdc2cb88614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v058-096584466.edge-irl1.demdex.com 5.64.4.20200120100612 12ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: ToILatYeRso=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 397
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s781907393518
smetrics.latitudefinancial.com/b/ss/gemoneysnzgemfinance/1/JS-2.0.0/ 43 B
222 B 30ms
30ms Image
image/gif 35.181.91.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.latitudefinancial.com/b/ss/gemoneysnzgemfinance/1/JS-2.0.0/s781907393518?AQB=1&ndh=1&pf=1&t=4%2F1%2F2020%200%3A42%3A32%202%20-60&mid=10330173304671695911767185138958839260&aamlh=6&ce=UTF-8&cdp=3&pageName=gemf%20nz%3Ahome&g=https%3A%2F%2Fwww.gemfinance.co.nz%2F&cc=AUD&ch=D%3Dc2%2B%22%20-%20%22%2Bc3&server=www.gemfinance.co.nz&events=event30%2Cevent38&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=au%20nz&h1=D%3Dc1%2B%22%2F%22%2Bc2%2B%22%2F%22%2Bc3%2B%22%2F%22%2Bc4%2B%22%2F%22%2Bc5%2B%22%2F%22%2Bc7%2B%22%2F%22%2BpageName&c2=au&v2=D%3Dc2&h2=D%3Dc1%2B%22%2F%22%2Bc2%2B%22%2F%22%2Bc3%2B%22%2F%22%2Bc5%2B%22%2F%22%2BpageName&c3=gemf%20nz&v3=D%3Dc3&h3=D%3Dc2%2B%22%2F%22%2Bc3%2B%22%2F%22%2Bc4%2B%22%2F%22%2Bc6%2B%22%2F%22%2Bc7%2B%22%2F%22%2BpageName&h4=D%3DpageName&c9=D%3DpageName%2B%22%28%22%2Bc8%2B%22%29%22&c10=https%3A%2F%2Fwww.gemfinance.co.nz%2F&v11=direct&v19=1&v22=D%3Dc32&c27=D%3Dv1&c28=D%3Dv28&v28=Not%20Provided&c29=D%3DpageName&v30=Not%20Provided&c31=Tuesday-9%3A30AM&v31=D%3Dv33&c32=First%20Visit&v32=D%3Dv33&c33=Enabled&v33=direct&c34=1&v34=direct&v38=D%3DpageName&v39=D%3Dv11&v40=D%3Dv11&c49=id%231%3AStd.Req%3ACOE-DD%3ABWA-7.23%3A2010-10-15%3ABDA-ND%3A2014-04-29&c56=2.0.0&v73=2.0.0&v78=D%3Dc60&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.gemfinance.co.nz
URL: https://www.gemfinance.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-91-36.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:31 GMT
x-content-type-options: nosniff
x-c: master-1105.I62e04a.M0-322
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 04 Feb 2020 23:42:32 GMT
server: jag
xserver: anedge-778c94b494-jsmkq
etag: 3394684924699443200-4614301338959904757
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 02 Feb 2020 23:42:32 GMT

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 43 B
572 B 326ms
117ms Script
text/javascript 3.213.5.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=k8x4tdkkpaylbl47h1vpyq

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.5.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-5-196.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Runtime: 0.011400
Date: Mon, 03 Feb 2020 23:42:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Cowboy
Etag: W/"145c4755d32b799dff7fbddfb49f1b39"
X-Frame-Options: SAMEORIGIN
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate
Connection: close
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
X-Request-Id: 81d8773f-d3f7-4d59-b370-a39292fa8234

GET
H2 200 hotjar-826763.js Show response
static.hotjar.com/c/ 5 KB
2 KB 137ms
28ms Script
application/javascript 147.75.84.39
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-826763.js?sv=6

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.39 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

9c85cb53a22a161bc8bebc04a2af988140f032782497211f756b3b94ec159d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 274
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 1945
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/c9a9fc8a40662f68639c4f2688af6cf7
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.078
accept-ranges: bytes
section-io-id: dad6802aefc49d212fda119f33374abb
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 6843
date: Mon, 03 Feb 2020 21:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 03 Feb 2020 23:48:30 GMT

GET
H/1.1 200
OK ig.js Show response
ge-track.inside-graph.com/ 634 KB
243 KB 1348ms
331ms Script
text/javascript 52.64.136.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ge-track.inside-graph.com/ig.js?hn=www.gemfinance.co.nz&_=0.7457876369783458

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.136.242 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-136-242.ap-southeast-2.compute.amazonaws.com

Software

/ ASP.NET

Resource Hash

2be5019ceb3c8bbca088caf0ce02a9398cd94e05c96b010d7de4f1dcd3ddfc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 23:39:08 GMT
X-Powered-By: ASP.NET
ETag: 60a5e244e65aeeaf14a9af61a5a6714e
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
Date: Mon, 03 Feb 2020 23:42:34 GMT
Expires: Tue, 04 Feb 2020 00:09:08 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wau/21923/onsite/ 3 KB
1 KB 152ms
38ms Script
application/javascript 151.101.113.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/wau/21923/onsite/embed.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c363a3c0adc2275d9e9f959b9af768fcaf31738bf8bc3972298f3f4f95c82715

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:33 GMT
content-encoding: gzip
age: 1374669
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200
content-length: 1039
x-amz-id-2: 5F/+Kv3AmB6fOOrhN5tUBJL6tB2u9C3YXK38073cGwU5K1pVFDOUAK/FqUc2gkmlaVQqpgHLcQM=
x-served-by: cache-iad2139-IAD, cache-hhn4070-HHN
last-modified: Fri, 20 Dec 2019 00:26:16 GMT
server: AmazonS3
x-timer: S1580773354.504761,VS0,VE0
etag: "1f9a4521f1f9b7ce3cc8d47b861849d1"
vary: Accept-Encoding
x-amz-request-id: CCC410DA763DFBB8
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H2

200

;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594
5467304.fls.doubleclick.net/activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/ Frame D2D5
Redirect Chain

https://5467304.fls.doubleclick.net/activityi;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594?
https://5467304.fls.doubleclick.net/activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594?

0
0

53ms
53ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5467304.fls.doubleclick.net/activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594?

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5467304.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.gemfinance.co.nz/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlL2vIposTox4e3ssP1DKmTsemSTZSMtiNL49nB4cwDu17kaOSNkpIvmYBR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 03 Feb 2020 23:42:33 GMT
expires: Mon, 03 Feb 2020 23:42:33 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1879
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 03 Feb 2020 23:42:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5467304.fls.doubleclick.net/activityi;dc_pre=CIi609HHtucCFZkr4AodDWcEnQ;src=5467304;type=ta16rem;cat=taapr0;u1=/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4899469525537.594?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=1180173816&t=pageview&cu=NZD&_s=1&dl=https%3A%2F%2Fwww.gemfinance.co.nz%2F&ul=en-us&de=UTF-8&dt=New%20Zealand%20Loans%20%26%20Insurance%20%7C%20Gem%20Finance&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAiEIrBAQC~&jid=1518931475&gjid=1500272547&cid=2116686898.1580773352&tid=UA-152634558-1&_gid=1149188159.1580773352&z=1641193227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jan 2020 10:39:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 997410
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j80&tid=UA-152634558-1&cid=2116686898.1580773352&jid=1518931475&gjid=1500272547&_gid=1149188159.1580773352&_u=aGBAiEIrBAQC~&z=398252329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 03 Feb 2020 23:42:33 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html
cheproximity.demdex.net/ Frame 86DF 0
0 32ms
32ms Document
text/html 34.247.192.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cheproximity.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: cheproximity.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.gemfinance.co.nz/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=10768719564230033311738845865453323304; cheproximity=10768719564230033311738845865453323304; DST=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Mon, 03 Feb 2020 18:32:04 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=10768719564230033311738845865453323304;Path=/;Domain=.demdex.net;Expires=Sat, 01-Aug-2020 23:42:33 GMT;Max-Age=15552000;Secure;SameSite=None cheproximity=10768719564230033311738845865453323304;Path=/;Domain=.cheproximity.demdex.net;Expires=Sat, 01-Aug-2020 23:42:33 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: ZmdeyqEBRIc=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 modules.9ad849c74ae56ab50f63.js Show response
script.hotjar.com/ 401 KB
70 KB 91ms
31ms Script
application/javascript 147.75.102.231
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.9ad849c74ae56ab50f63.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.231 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress10
Software: /
Resource Hash: 5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:33 GMT
content-encoding: br
content-type: application/javascript
age: 550984
status: 200
section-io-cache: Hit
content-length: 71256
last-modified: Tue, 28 Jan 2020 14:35:53 GMT
etag: "1d20895803c0fbc2ae7dc220b20b6a79"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.076
accept-ranges: bytes
section-io-id: 3d712b4212cd5663c4303e71f85f63d1
section-origin-responded: true

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 9D30 0
0 90ms
27ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.gemfinance.co.nz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

status: 200
date: Mon, 03 Feb 2020 23:42:33 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.031
section-origin-responded: true
age: 471974
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 25be10c4acc149f52ccccc1bc9886750

GET
H2 200 generic1576801573653.js Show response
nebula-cdn.kampyle.com/wau/21923/onsite/ 332 KB
57 KB 38ms
38ms Script
application/javascript 151.101.113.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/wau/21923/onsite/generic1576801573653.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1efc44f72f3cca23cd0d3dfe562d2500b2af4ba927d481aed7da7a6d7d83fbec

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:33 GMT
content-encoding: gzip
age: 0
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200
content-length: 57727
x-amz-request-id: 81A4B95A323184E4
x-amz-id-2: bLk8krdRicjufgDMe+QF0wxOs7/p61qSVVDUVF9U2sAtBqpg67KHB71FnbpzKRcudivnz0SZi3I=
x-served-by: cache-iad2138-IAD, cache-hhn4070-HHN
last-modified: Fri, 20 Dec 2019 00:26:14 GMT
server: AmazonS3
x-timer: S1580773354.549552,VS0,VE1
etag: "8e8bdfeecf25b78d6c42d20662128ad7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 38ms
38ms Script
application/javascript 151.101.113.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:33 GMT
content-encoding: gzip
age: 0
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200
content-length: 5197
x-amz-request-id: 3A7285A58FF0C32F
x-amz-id-2: WDQ5K9sZKfU9oe0emRVI9UoQ5NZYi7lLzyoCOAkcNfcsbr3Tt5uZZe+VZ77gtsaMTtzkUNPXc7c=
x-served-by: cache-iad2135-IAD, cache-hhn4070-HHN
last-modified: Sun, 05 Jan 2020 11:06:02 GMT
server: AmazonS3
x-timer: S1580773354.655601,VS0,VE0
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 465964

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=1180173816&t=pageview&cu=NZD&_s=2&dl=https%3A%2F%2Fwww.gemfinance.co.nz%2F&ul=en-us&de=UTF-8&dt=New%20Zealand%20Loans%20%26%20Insurance%20%7C%20Gem%20Finance&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHBAiEIrBAQC~&jid=&gjid=&cid=2116686898.1580773352&tid=UA-152634558-1&_gid=1149188159.1580773352&cd1=2116686898.1580773352&cd6=10768719564230033311738845865453323304&cd7=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&z=157547362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jan 2020 10:39:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 997410
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
321 B 152ms
106ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNikgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc5LjAuMzk0NS44OCBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTU4MDc3MzM1MzY3OCIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDEsInVzZXJfaWQiOiAiMTcwMGQ2ZjI4Y2NmNmYtMGEyNGRiMjMxM2RiNGItMWQzNzZiNWItMWQ0YzAwLTE3MDBkNmYyOGNkZWU5IiwiZW52aXJvbWVudCI6ICJwcm9kQXVTeWRuZXkiLCJhY2NvdW50SWQiOiAyMTkyMiwidXJsIjogImh0dHBzOi8vd3d3LmdlbWZpbmFuY2UuY28ubnovIiwid2Vic2l0ZUlkIjogMjE5MjMsImZlZWRiYWNrX3V1aWQiOiBudWxsLCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI0MzU3LThiNzAtYzgyMy1hMGJlLWJjYTktZjliYS04MTE0LTNiYzciLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTU4MDc3MzM1MzYzNyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAxODk2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi4zMC4xLjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE1ODA3NzMzNTM2NDEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-z145
date: Mon, 03 Feb 2020 23:42:33 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-allow-origin: *
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
status: 200
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 204 1.gif
nexus.ensighten.com/privacy/v1/b/ 0
106 B 36ms
36ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/privacy/v1/b/1.gif?n=0&c=619&i=7qdqtz&p=prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzKzhoSAMYA2cEJOQCSAEzQA2DAE4iABwCuAI34wAFgAUKahnKgJxROEhjlSSbhDEMA7AEdRd8gC8uc0twDWEcmhxEAWwMIBgQlGGhILm4EBE8BGDRgAF8iQTA4fSQAwV90ABEIADNSBV5fIigIOwUIU0TUAG1QUTryYwpEFHQ1cnI5GFQAeiGqMawlBWI1aFEsGICh+FalUigwZgArGAB+Ujk4b1oAXk8ADgAPABZyUU9Pd1peFSubNQwwOVo7LnJaORC6Bg3CgcDkFRApjWeQwAFYzjgbDYWCxYXCbFc0khxKg4QikSi0bDpCwiDAEAooJYGAEFGZ2sgAPLhSLQADCABkuFDyAoGiBeAhSIYQFVSOSTGhGgBdIiiCikLR9aCSpqygVwUxS9VwHF4xHI1HolipFptDoM7ogXr9QYjcgBeVYB3cURIeYILBIZxDchQYUQHJLHy6oYQC6UKBIUi8Y5VMxQYghpDEIZgGO1Y68CjtXmtJMBNQIHK-f6AkBwALEbkJmHwg2EjA2CSwrF6+sEo3N1uQilU8uV4gAfXyjIAsgBBPpQMcGOBFAQinl8hgxwVUCAisUShoyuUKpWR1V7jVatVGdv4w1o7umkCtUwWroMG0DYZDUgBOTcXVYYixYheAgD1FjADAhkUFRNRmKBUCTcg2X4XIxB2I5jgnYRnFIABlWgJxbXgAFEAAkAFVCLgZxhBgAA5chnhohAAFpeEYABpDAzlEAAVCQERMUgx1LAEGAuNQoBraE0H1Ts0TOCQJDbaSO2vTiFLJPtqXQAANYiACUh0nGiJwAcUIvTJN5fk1wQDctwgcVkF3dV5TMQ8VWcohVDyE9dWUq9G3kiQ7wfdpo0tF8+jfEYxioP8AKApjzBjWh2m4GAQI-aNeFSuB0qwbZhPLYFQXBSSoDrAKjTONElNxFTAokGwNMpLSQFpekumZCJ1mgCdLJXdBBWFLhtyc7V9zcnMPIm08fJ1S8G2qtEQvNcLnx6KK7VGcZ-wQQCICS7LcvyhYIN4KZjBgIYFFIMNuAKxIiD+ESgRBMEIShCr-KWuSJEYOqZNUs4bAwFr+wYK7oHIAAhYoECqAb+WG+zHOPFyD2mqNPLm2a-Pqqq-sYVbH3W5BIttd9Yvi-bEuSnK0oys65Au4grpuu6IAewrnrLBgSo+8rKt+tTmpAQRFtkzjQfBtqOs6JkWV6qB+rJelBoFIVUZ3WbXMVLH0a8zV5ovH6pfkmwSbChWrVfbbqb2g6zGIAJkqTKBMuIZ2hm2HZdWOfI2SY6RGBYaR-pYIr+fesq1akgmRbOK5ZHF7EzdUkP-F7VqBxMaG4aKBGQjjqyGBR0aHJ18970x5Vsdm7y8cl4Hk6tp9yc2ymYt2hKfFIF23egT3vd9-3A+D0Pw9DqO3tKz7a3TwLYSziXF6NEOweziH0Hly1utZFWkbLrWK7RnG9fc+vq8b6v8aBpecDbsnba299P2-X9HaArBWjTcDINUDBOCPhEICCEChNCGEsK4XwrCIiZEKJUVovRJQjEWLsU4jxPiOABJCV5q9EAYkJJx2+gnKWIceyrzIRnRgPZyQ5wYLpAyRlTLmSPugGydlT5VxPBfA2OMb6+Wbo2ChT8bYU2ikMbgAQsAQEgFUUwlBuBqC9D4KRixRCiB2KIIcCgFD+wwIiPioNpCwgkFcUOOAcAohYBgJsLAzhJ3hC2K4sIUShxYDgK4M8KxViFmvNE0gbApyoffdewTZYDirCOccU4-SzlEPORc7CQCcM3Nw8a1c+F10NrjW+wjwnSDERFTukiYA5D9HlDK2ZcwKFaAuaMFg4AxkyrqbRQ4MjLA6dAY4zA8A4AAGQ6IXBAXgohiD6AUHIdCAyAgxETP7GGEh8jSBhhiAAYrCGwMNGDrJhoRIJ6yrEcA4AAUiuDgCcogwgQEZImWZBjrGePsZ4q4TUMASFMdIOxzZQY1QwA40xjiw6MAkIM8gMBjhhMCWcTg+DyxEP8dQkRsLAYNXXqirebUmGGQnMZMyFkS4azSdrTJvDa5HgEcbJuASZCwuKRta0r8RjSNkfItoSiVFIDUdIoYmj2l6Mec2EGMgzEWM8U82x9jHGuPkrCVx7iUReJ8YOJF0K6UA1TgUmFmr6Hb18cOUck5pwJKSekol1leDrnNaKSuZKMZTRyVSs8QjaXSDOMTAgZpSbiNKfbcYNS4B5mKB0JpLSFhYFKB+GAEQIVSNiPEQMpBvBQCYhsLAvQAi8BVUUf0JYSHCylsiRSWqAmMCsZvPVbV9gAmxGyNQcAxkpPLpUO1uTsmUobtS-JtLi0Mo7kyruO04qBuDQ08wP5w3FkjQoaNsbroxDiAIV2Ka03MEzdm+FkNc2fmLpCBeyKuwsDFqE9FsJy0cEiTSOkNt97K1VvuigGsW22rPrrClM1r7dtdYem8x7+0vyHayuR0AOVcy5TyjRWidGCtEFCoxIrTHmMsZKn5DinFyoVSwDxyqt3oFVQWt1Hq0WE0YBgRgZwr07xvXvJW8iH3LmRifVtb6skfqvieQRC0iOeu9dbEpg7JHU0mNMWYmVlgQFWOsLYux9iHAgCcc41xbj3EeM8Xgrx3ifG+D4gWsdH2kOhaHK4pJS2-tBciKjqS5C1tEPWxtS51ZMZGixnhDr9ZOq7S67j5mWAmYAxI-1cURMwTmGdCTUn02+zk2hJTNw7gPDoOpzTHwvg-Dw5CGO8945Gb85iMzRmmqmareWXeXU6N9Wbcx19bnJoec7V+7zptfNXCuAFv174HROhdG6D0XofR+gDEGWNoZwxHhjHGPuiZkypnTBdCAWYcxBrqRAAsRZ80gBelE6shHf1NnUgVs92H3VWbK4rHq9GUnQH0MQmr9q6uX1yVx5r6rmzBS9feNavrBPbR5BlYgP8KQqC5vwLwqjyBDCgPGq1XNyA7HIMcUQ3ABmkDBFCgZQ4oDHBYAMsA6OOnHE2AiAZ7Q4OkQnExOEoK-OwnhJTgZP44NkY+XxPi7qsBGYGZsAxckSQYFeLCAZxBudwbhFYxgNhaGvAx2zUX-PvmOLhNIDnZ7GAY4UMcUgJkYYTjgIRYQUAdcAEU2QAD8BnOGx+62hodGDSBVX43b0KUQSFM6ewmLviuaW2zE418S5wjMc0+y11rSXtvY0979PnncsFd+1n7VMe600OvTE6TNixZRSozR6umstqqO54zV7vfooiCVZqGFUC5Fyqy5u74fHUNc41Hl7BecC8c+z6gTdtE9xS-in462ezqp+zzzTbfNZ6CydwXzFxfZKl7FiV69nVzsHwY054+texr1-q5+pvTWKzapRPSj7oV26AckdyyY2YmKundJ4d+TxgJnRoLOsjIcWBDCckGiAYYAhKE3DnhlnptloZgXjYCvGnL+qiJ4uXnnJXvDIjBahvmHufBHs6ibAfgEiiOAfHt3iMPKkVl4lgEULwBlNcsoEBHwHlJ4ODh+NwO0BkH8HAAANwwBUjHAEHIheLMFbbHBmAfJVABDMHcAUB8GkD7BQA4DMEKAYDHBDDMFI5Dg1LHAKHcCY6JJwY8H9xDiFxQBDjKIOZDiJJVD0GbhDh+gOQOi5AqEIxwZXBnDSDSBvKmK0JuI2BYDEhXA7A5p5p7pfSFrXhH5u6QHO5uJZyL7UbL5IB3qXZIFDTVZb6oEN677qjPaYFQEOImgn5fZd7MpLBZYZoIDkCbBrCZRBCiBlB1BYDSDChJzSDcAYikAQBmKkBKDLxFCu6AFj4ELAH54e6tabyz6BFgp0Le6rg2YSz2ZNpxGayb5tpJE74capHN7pHO4DG4F5HpiwCFHFGlFnRKAIAXBMTOHcBFBXAYDChKB2JI42BnD-58TcAXEQA2BFBOFbKkBXAZoOibrdEDg7obb+FYGtZF4hFHYjGnY0blYXaVYzEvqJHvrJFLFGz753xHbAnJDSjJBAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 03 Feb 2020 23:42:34 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 03 Feb 2020 23:42:33 GMT

GET
H2 204 TagAuditBeacon.rnc
nexus.ensighten.com/gecapitalau/prod/ 0
106 B 39ms
39ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/gecapitalau/prod/TagAuditBeacon.rnc?cid=619&data=[-1|-1|1;630074|3134877|1;-1|-1|1;-1|-1|1;322552|898288|1;628457|3122821|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;628456|3154542|1;-1|-1|1;-1|-1|1;628455|3154599|1;-1|-1|1;-1|-1|1;322784|1434188|1;-1|-1|1;-1|-1|1;247659|1673344|1;381730|1830592|1;381737|1348818|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;549499|2515480|1;472666|2746982|1;603634|3112404|1;-1|-1|1;-1|-1|1;604466|2903264|1;-1|-1|1;-1|-1|1;-1|-1|1;604470|2903211|1;-1|-1|1;554835|2551285|1;600229|3112435|1;-1|-1|1;382967|1351325|1;381929|2551455|1;554713|2581699|1;200875|2786061|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1]&idx=0&r=77456.65112154161
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 03 Feb 2020 23:42:34 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 03 Feb 2020 23:42:33 GMT

GET
H/1.1 200
OK bridge.html
lfs-live.inside-graph.com/ Frame EA87 0
0 1279ms
316ms Document
text/html 52.64.136.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lfs-live.inside-graph.com/bridge.html?target=https%3A%2F%2Fwww.gemfinance.co.nz&cluster=lfs&account=IN-1000505

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.136.242 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-136-242.ap-southeast-2.compute.amazonaws.com

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Host: lfs-live.inside-graph.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.gemfinance.co.nz/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.gemfinance.co.nz/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 20 Sep 2019 12:25:16 GMT
Accept-Ranges: bytes
ETag: "0de4875ae6fd51:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Mon, 03 Feb 2020 23:42:36 GMT
Content-Length: 1621

GET
H2 204 1.gif
nexus.ensighten.com/privacy/v1/b/ 0
106 B 35ms
34ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/privacy/v1/b/1.gif?n=1&c=619&i=7qdqtz&p=prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzKzhoSAMYA2cEJOQCSAEzQA2DAE4iABwCuAI34wAFgAUKahnKgJxROEhjlSSbhDEMA7AEdRd8gC8uc0twDWEcmgxEAWwMIBgQlGGhILm4EBE8BGDRgAF8iQTA4fSQAwV90ABEIADNSBV5fIigIOwUIU0TUAG1QUTryYwpEFHQ1cnI5GFQAeiGkCCUy0gBablEkLE9SALlaXggsGIChmgUhxhlGFiHkeEoh4kFoOG4MAFYbCQAODnuWCVu2ACtEonJaORC6Bg3CgcDkFRAplIUDyd2eNhsLBYH1ujFkIEE4lQcJwCKRHwkABYbEQYAgFFBLAxSHIAUhRABhNRwXiGSFmcgKBogXgIUhsqqkMkmNCNAC6RFEFFIWj60BFTQlPLgplFSrgWJxeORyLRqRabQ67WQDF6-UGIzGE1401m80Wy1W60221KewORxOcDOFzGoJu9yeL0R7y+PxAfwBDGBoPBXChML8t3hiJ1HxwaXpSZT+LexNJ5MpgJAAQUHK6AHlwpFoABBeMcrkMXn8riC4UNcWS6WyyhQBVd5WqxVGTXJ3GplEsHD6kCtUxGrqmvoDYZDMDQmBYNQIcifaEbBBbJQIAAeU0JEmk3CKhIw-KUGAwom4NkeSggTxupAgNiK0kJe5SEJbdyACXguEjYs4CKKAlhCUkzETbFx21D5CWkW5MzHHMdSJElIULKl0FLctkCrCIoEgKAGQAGQbCgm3QFsBQgIUTjVbszF7eVOyVVQ8kHDVswnXMMNuWd53aJBOhNHoVwtIYFBfKYrQWJYVjWQ8tggYgqCGW4hjsSwFDAR5CQw0RnGIZNwXIDAlDUKVpGIR5ahkV8YCGcg4K8IYAH1-JiBBeCwYgYIAfilMwAF4IFoAApVkAgANWUgAJABZOAKzgAAhJQGTgWtiGEBk8psYQkAAOV4bgWGquQlEYW4im4RhqtoAAtAB1NKAA0GoBAIAFUcuKuBMoAFQATSoTL0uIU9Ms+WsqGEOAqGuRgUucdreDAFRpE8UQeoAUXG2s4CmnrpAkUgetPGAZoAZUeDBaNW4gAGkzowNQZsYXhlIAcWkZxSHyGBiBenrbhwXqqGIG6ADFPmEM7pCm4QUeIYhpryoppoAJSKaq4E8YgAEV+ryqglBBlL+t6hLaNIfqqbAaqpsylhPsyxgyrUWiXpR4nuYZJGGd4KAupevL0t66qoCUWhKapxg1FoZqMF4Wi9tuT7awUTLnE8HBqpeiyK3K2aeq6tRuACTwuZ5vnPgFjatva3b9sO3hpHpkGUYRgJpG1l7hAkMqEsyh7bgwCBysJCt8i6snPipuBaIZBKcCdtHSB22hBuJ25uBBsbcqupYUcYGb+uqz4nd4KhGWEGAquJ2gZp65Wuv6hKilEVLaD9pQ4CjsrhFoT6zpNqaxpzpKR7S0QUekBRe914RPgQUqAluXgZqQFLnpSwPe9EXhBq6uQB+4bPc+SteN5wB7dfq4m1CUWmigHvKYBAbhWrpNRehJMr5HqqbTKGBTYzRYDbDuwhUqMF6vDUuTU+oSGakffqaIAhdRqqyBkU98hnU7qfZwA8h4PSzqA6a3B5ogw1l1dGhJAbVQCFwma5BMogzOrQaqINiaTQ9stRgojhHCD4T1KmzhqrULgNVHqMjMpyJwDNZwa1aJTTOiwSBeVPA8NoBWEG1VPC9RGrcL2cB0GMHZglQ6fVlKkOjrnKgTtjo0xSlNCAPViYKAHvEZeAMOpgFOvDWG9Diq0Gmp4OJm0NSD07nvA+agcCiHSnlZwuVHgRJYKIPmARr5KHtk1AIKMt6MBGtUtySgkAIDALY0QO1tq8ARiNXgnhd77xWmdW4K1Mqd0IbwXqoje7K0Gile8cjxp5WUo9GAy8AhKBYAlcg0T5mLKeistZGyUrpQSvfRg18+BlwrlXfKOzlm5ygNvKg-jTw30kU5AR8zKqeFPHlEaGBSYvWsT1F6KViZ5RSmdXgGgpoByBSNJmvTSqT07p4YmKMqY4FPAlKanhwX9RwKC8FVyrq2KLijcg3B0q8BgF1LpylwIIxSnlbqjdeANOJmMtx08n4JXuT1DAjzHo3xYLtGh99OWkJwKbEafMprMkUbWcgWjiBxNoP9fhSVaI9QSp8Ga2LyBsP4K9HAEC9E4F0eTLRj9l68v5U83gTNap8EdUNZqhJLpgJGhAqBBjnCwPgQo2gyCAjkB-rTW4DMUopR9rQEajMe47VBlSuWU9SHcqmilEaCVLYgpGsTXNRRiZnRRrmyO7iNpFBeltQG0gNxAyFY1CAo1LqnlTp4Rg1qHl2tvnVGqTVGBuoYXAQkvqGSElPEbblfJG44H2bcfBzylAlPfpy-IQaUpoLhjgedQDGAoxgJgspu1RDB3JSuv6qdawNV9QonmHVyGUMAftd+t0FAIoaWfQqW12bVSjcXWG7K2X33AhyqeIMHZKHSrVIoVM5CiGgzFGKkF-jQQCMQBiyEtSTjeDYdEmIRJoWw+iMkFJiIgDgKh-y+QKyZQVT5TKBgYICDZFCTk3JSC8F5I81i7EBxKmijKCgfZeNEAEpxMjOFRJ4Rw5JQ0MljTdBAGaVclpxiTBmHMdSjotIuiqMRosXkvRnG+EMYKvApjMGwHcLAARjBYG+EhqMQIQRgghAmWEqEsMSDeNhfDnnngFhI9BEw0ByB5WKAgKoDFWPNj5NxjsYn+M8X7HxETKpBLqgkwRrzEgZMLjk0ueS5o1xWjU3aTTmlnRHiGLpoidRjgmG9BAIYxnTPmawJZ241nbP2d+Mh6Mzm4yIWhO53CBJ8wYizChUbbx-OEUCwwUiskkAURrFAesQ3ovMVi22Ni8WRxzh7IJ3iYnRP7eElNyTY2bC5ekkt5cRWRjKW4KpcY5WnTaSGLpfShljIQFMuZSy1lbJ9Ack5UgLk3IQA8jYLyPkPCeACkFWIoVwpFCitKOKiUX4ZWyrlAqRUSplQqlVZ1jVcFtQ6t1Fxg0G1NoYbNeai1lqrXWkkn2e0gb+2OqdC6oCbp3Qek9V670jY-T+mE4Gx7waQ2hrDeGiNkY9TRhjLGOM8YEyJlNUm5N1a0yDkzFmbMOau15vzQWTIRZiwllLEGMs5YKyVirNW1NNba32HrA2RsTZmwtlbFOtte4Oydi7bmpuPaCzZztDnB0jpBxDl1MOEcU2x3jonZOqd05NyzsvfOlT9zF1LuXSu7ra710bs3cCbdSGUO7pM2Wg9h6j3HpPMts9Pjz2mkvZ+q9lIby3ny3gCKUFHxPmfGaF8qBXyFXfB+3Lsfr2kM+z+LBv6-0JgAndICJqd69dA31cDnAIKQSM9d6Ct0r6wSlHBLUXnSEIcQ9u0d71VRFQ3uh7rGHMNYewzh3CAi8P4UEWEVESGQkSkRBjUTkQUSURUUgPRS0R0T0QMXyCMRMTMQsSsRsSSXsUcWcTXnFQSk8TDk8B8T8QCSCX6hCVzjCWqgiU3S2WrjiWxUSS2lEBSSHwCAySyRyTyQKSKVohKVZXKUXSqUBlqUBnqUaWaSSVaRSnaU6W6QRX6UGQ9hGS6jGQCTgDr2mVmRiQWVOl2VzlWXWU2TmTxxuT2RMMOWOS6lOTql4AuWL3MIMNuR5U7UFXwW-mPV53yk+W+V+X+UBWBQJQhShRhQBXhTSQ2mQRRTRQxSxRxTOjxRCKJUniSVJXJUpWpVpRHg6S6kZWZVqjZRAzLW5RtQFWeWmWoUHjFRTWEElWcGlV0TlW0UVWshVTVRBg1S1R1T1QNS0JemNWmjOjNSmgtT2jKPcOeQdXsNJz7QHW33AUgT3z9UPwDSDRDTX3DUZl-RShjTjUBjXlt2pVLS5WXnTUzWzTzWuILSLRLTqJgkrS0LRFrQ4xp2GiJRbXyDbQ7T5QqOnx7TJ37Q-yHRHTHQnWXinWqhnXWTnUYAXSXVIBXTXQ3QwXhJ3T3QPT6mcGPTJW4DPQwAvSvVNlDzvQoSqkfSBmfU3jfVPhgE-TgG-V2NoH-VZSQGJiAw4y6k5TAx-kg14Gg1g3g0Q160czI1Q3QxG0u0Ix8wuwI0eGRACyLAWzLCWxWyojrCiyYgxCgH0CgB2x4xSwO24iO2SxOzSzE3O0w1zAkGkwIANDyzu0K2UwMkvERGNSwCKCpSwFEHJBUAgD4GuE8CwDGHICGA8HaAyD+DgAAG4YBKQYpbg3TpxCQYyoIYozAMAJAqgAgYzuAKAMzSAaQoAcAYyFAMAYohgYyXx-IbRyAYpqzuB-IoBRANQGyzBiB-IigIsgpmRWR-JWyqhuBKBRB-IfI2IwJcgGyItRAYpCRHhpAAIrxURbgPgbAsBbgAIIoHNoJYJ4JJTfNcwWAbB-AJtMtJxCQWAMACI9NSMaQ6RGQ+zmNGxuQWIDS9tBxEtTThMhx0tRxDydRjyMBkgxRkggA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 03 Feb 2020 23:42:36 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 03 Feb 2020 23:42:35 GMT

POST
H/1.1 200
OK trackview Show response
lfs-live.inside-graph.com/ 172 B
644 B 1320ms
341ms XHR
application/json 52.64.136.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lfs-live.inside-graph.com/trackview?_=1580773357882.7769

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.136.242 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-136-242.ap-southeast-2.compute.amazonaws.com

Software

/ ASP.NET

Resource Hash

9549b81f50812834f2cd493722592db23793b04e6f85073af35dc55ed7bec408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://www.gemfinance.co.nz
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 172
Date: Mon, 03 Feb 2020 23:42:38 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 1.gif
nexus.ensighten.com/privacy/v1/b/ 0
106 B 35ms
35ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/privacy/v1/b/1.gif?n=2&c=619&i=7qdqtz&p=prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzKzhoSAMYA2cEJOQCSAEzQA2DAE4iABwCuAI34wAFgAUKahnKgJxROEhjlSSbhDEMA7AEdRd8gC8uc0twDWEcmkZEAWwMIBgQlGGhILm4EBE8BGDRgAF8iQTA4fSQAwV90ABEIADNSBV5fIigIOwUIU0TUAG1QUTryYwpEFHQ1cnI5GFQAeiHeIpgAWn5ILGN4VoniKFI5NSwYgKHyZa8M6gB+AH0AXgwAVgAOHBsbFhYzmwuL5huJaS5yWjkQ9AAPNSgXFMpCgeXOVxudweT38IEE4lQ4Out3uj2eRBgCAUUEsDAAGgAJABKhwAsgBBABy5IA4gBRIlAszkBQNECkXi8BBUCCGEBVUiYkxoRoAXSIogopC0fWgwqa4pAqjyYqMCKRkNRMOSouSQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 03 Feb 2020 23:42:39 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 03 Feb 2020 23:42:38 GMT

GET
H/1.1 200
OK negotiate Show response
lfs-live.inside-graph.com/signalr/ 391 B
809 B 317ms
317ms XHR
application/json 52.64.136.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lfs-live.inside-graph.com/signalr/negotiate?clientProtocol=2.0&k=IN-1000505%3A60309420-12b76a93371f95b89971cc5783f464ccfe1d2780adca426e990861f387e08aeb-5-5%3A883023345%3A7048&c=0d11e3e1530db3ecd2126edc3bebb2a9&connectionData=%5B%7B%22name%22%3A%22insidesocialhub%22%7D%5D&_=1580773355940

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.136.242 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-136-242.ap-southeast-2.compute.amazonaws.com

Software

/ ASP.NET

Resource Hash

c42ea57180ab9d9222329d22d0a2e41b87a73b89085964b8c3a8ed89bd95f7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.gemfinance.co.nz
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Date: Mon, 03 Feb 2020 23:42:39 GMT
Expires: -1

GET
H2 200 ig.css
lfs-cdn.inside-graph.com// 126 KB
25 KB 1629ms
1552ms Stylesheet
text/css 104.18.31.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lfs-cdn.inside-graph.com//ig.css?dev=1&_20200202041216

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.31.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

772a3a98c2a93ce492d96d7584fc8f9da1bcba820e065f83f74687e7ee362ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 23:42:40 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
status: 200
last-modified: Sat, 01 Feb 2020 17:42:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css; charset=UTF-8
expires: Sat, 08 Feb 2020 23:42:40 GMT
cache-control: public, max-age=432000
cf-polished: origSize=128828
cf-ray: 55f84337ab56ce7f-LHR
cf-bgj: minify

GET
H/1.1 200
OK start Show response
lfs-live.inside-graph.com/signalr/ 25 B
442 B 320ms
319ms XHR
application/json 52.64.136.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lfs-live.inside-graph.com/signalr/start?transport=webSockets&clientProtocol=2.0&k=IN-1000505%3A60309420-12b76a93371f95b89971cc5783f464ccfe1d2780adca426e990861f387e08aeb-5-5%3A883023345%3A7048&c=0d11e3e1530db3ecd2126edc3bebb2a9&connectionToken=1AxcfQzdhMFqQ%2BPYXJcNlA70F6mzUtS5DYAKmU1NX3YZsLUNjHMW8SsqXKvSCwsg0T8MjSkE5%2BtLMfzhoYNXzV5VKXFQryl1XKL1UCDsXRm6CEIu4s0RI7hmziepcKrO&connectionData=%5B%7B%22name%22%3A%22insidesocialhub%22%7D%5D&_=1580773355941

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/gecapitalau/prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.136.242 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-136-242.ap-southeast-2.compute.amazonaws.com

Software

/ ASP.NET

Resource Hash

c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.gemfinance.co.nz/
Origin: https://www.gemfinance.co.nz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
strict-transport-security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.gemfinance.co.nz
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Date: Mon, 03 Feb 2020 23:42:40 GMT
Expires: -1

GET
H2 204 1.gif
nexus.ensighten.com/privacy/v1/b/ 0
106 B 35ms
34ms Image
text/plain 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/privacy/v1/b/1.gif?n=3&c=619&i=7qdqtz&p=prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzKzhoSAMYA2cEJOQCSAEzQA2DAE4iABwCuAI34wAFgAUKahnKgJxROEhjlSSbhDEMA7AEdRd8gC8uc0twDWEcmhZEAWwMIBgQlGGhILm4EBE8BGDRgAF8iQTA4fSQAwV90ABEIADNSBV5fIigIOwUIU0TUAG1QUTryYwpEFHQ1cnI5GFQAeiHeIpgAWn5ILGN4VoniKFI5NSwYgKH4YiRSXighpAhiBHaKCAB+PgEhDX1yBBjeAF5mHAAyT2fhADkJjBwgIArDggQBSFgAQQkOBYOGkABZGDh-owlDYJKRpCwWDYMEVpEClAAOaTSPHcbhAmzElhFBESBGUooQDCiRg0nCkUTcUhIiQQMk4YlSIosYk2CDC0gQJQTIHyiGQ4m0nCMHEI8FQmw4BHE97cZ44UQYDAQFisoFw0RKC3cdkYRgCnksJSypSMLEG5BHbjtZD5CikZ5goEAITBNgjjEYuxyYJjSoTjDmcFaMEecD2amUycj+VD+XeAH1nhggcScDYbDigUDETguORaHIQugAB5qKBcUykKB5cuV6u16SMDA2NJIcSoQdVmssetjicgDMKKCWBgADQAEgAlYsAWUhP0hAHEAKK7ntmcgKBogPa8BBUCCGEBVUgZkxoRoAXSIohBlofTQN+TT-iAqh5H+RjTrOw4LqO46pC0bQdP63QgL0-SDCMYyTNMECzCYaYQIsyyrOsCCbNsuz7FsZj9hc5DLCYcgIP2zwvkoADKjzeOQMAGvwuR3KcjwIC8byfN8fwAsCoJKjCcKIsiqLopi2K4vihIkmSFJUjSdIMky3AsmyHKVtyvL8oK0jCqK4qStKsryoqUIqnC6osJqSo6nqBpGiaZoWuW1q2hA9pjk6r7cK67qetI3pIL6GEACpxIIZaQu2ZkAIrOKIagHgAYnYeUJmGGgAJqbgAUtwPy8JCOolRIATOAAquQPFAvk1WQgA0gEnUYD8m4sNVABaMAADKdT8ABW24HgA6sSPEwHYm6DWAPEAMJUDAxA4GlxIHotPGeOe4KMGG5CzQeRTOGoCDVeNzgAGpAp9g2biVeVQLQvAYDts0YJ1+35DAm67gEEj7eewgKAiMA4Luwg2GoHUCHI3CDVAADyyWpV0gZmCG4aRtGsakPGiZQsmqbppm2a5omNgFn1JZlhWc61vWCKcEQzatgwnbdkQvb9mg8HzjCQKapOcF8whCtKyuCBrhu6A7vuR4nheV5Szed4MI+z6vlwH5fg0MEgIBZjAZQUBgfbUE-hBaay6r8ugpqyS-skQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gemfinance.co.nz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 204
date: Mon, 03 Feb 2020 23:42:41 GMT
cache-control: no-cache, no-store
server: nginx
expires: Mon, 03 Feb 2020 23:42:40 GMT

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 11:25:25	Name: DST Value:
.demdex.net/	1970-01-19 11:25:25	Name: demdex Value: 10768719564230033311738845865453323304
.gemfinance.co.nz/	1970-01-21 02:57:06	Name: s_cpm Value: %5B%5B%27direct%27%2C%271580773351784%27%5D%5D
.gemfinance.co.nz/	1969-12-31 23:59:59	Name: s_cc Value: true
.gemfinance.co.nz/	1969-12-31 23:59:59	Name: cs Value: Direct
.gemfinance.co.nz/	1970-01-19 07:49:25	Name: aam_uuid Value: 10768719564230033311738845865453323304
www.gemfinance.co.nz/	1970-01-20 00:38:51	Name: AMCV_B6D9B74F57B2FBE97F000101%40AdobeOrg Value: 2096510701%7CMCIDTS%7C18296%7CMCMID%7C10330173304671695911767185138958839260%7CMCAAMLH-1581378151%7C6%7CMCAAMB-1581378151%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1580780551s%7CNONE%7CMCSYNCSOP%7C411-18303%7CMCAID%7CNONE%7CvVersion%7C2.0.0
.gemfinance.co.nz/	1970-01-19 07:06:15	Name: s_invisit Value: true
.latitudefinancial.com.au/	1970-01-20 00:37:25	Name: session_id Value: 72103786
.gemfinance.co.nz/	1970-01-19 07:07:39	Name: _gid Value: GA1.3.1149188159.1580773352
.gemfinance.co.nz/	1970-01-19 07:49:25	Name: s_vnum Value: 1583365351785%26vn%3D1
www.gemfinance.co.nz/	1969-12-31 23:59:59	Name: AMCVS_B6D9B74F57B2FBE97F000101%40AdobeOrg Value: 1
.gemfinance.co.nz/	1970-01-20 00:37:25	Name: _ga Value: GA1.3.2116686898.1580773352
.gemfinance.co.nz/	1969-12-31 23:59:59	Name: mmapi.store.s.0 Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%7D%7D
.gemfinance.co.nz/	1970-01-19 07:06:16	Name: AMP_TOKEN Value: %24NOT_FOUND
.gemfinance.co.nz/	1969-12-31 23:59:59	Name: s_cname_1 Value: direct
.gemfinance.co.nz/	1970-01-20 09:23:01	Name: s_lv Value: 1580773351786
.gemfinance.co.nz/	1970-01-19 09:15:49	Name: _gcl_au Value: 1.1.940297277.1580773352
.gemfinance.co.nz/	1970-01-19 07:06:15	Name: s_ctru4 Value: 1
.doubleclick.net/	1970-01-19 16:27:49	Name: IDE Value: AHWqTUlL2vIposTox4e3ssP1DKmTsemSTZSMtiNL49nB4cwDu17kaOSNkpIvmYBR
.gemfinance.co.nz/	1970-01-19 07:06:13	Name: _gat Value: 1
.www.gemfinance.co.nz/	1970-01-19 07:07:39	Name: s_cardType Value:
.gemfinance.co.nz/	1969-12-31 23:59:59	Name: s_chname Value: direct
.gemfinance.co.nz/	1970-01-19 15:51:49	Name: mmapi.store.p.0 Value: %7B%22mmparams.d%22%3A%7B%7D%2C%22mmparams.p%22%3A%7B%22pd%22%3A%221612309350994%7C%5C%22716315676%7CAQAAAApVAwDvuzNArRKY6QABEgABQgD%2Fdya6AQD0cTa8AqnXSPRxNrwCqddIAAAAAP%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAZEaXJlY3QBrRIBAAAAAAAAAAAA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAAABAOgnAQBkAAAAAUU%3D%5C%22%22%2C%22bid%22%3A%221580773950611%7C%5C%22fravwcgeu11%5C%22%22%2C%22srv%22%3A%221612309350996%7C%5C%22fravwcgeu11%5C%22%22%7D%7D
.gemfinance.co.nz/	1970-01-19 07:06:15	Name: s_lv_s Value: First%20Visit
.gemfinance.co.nz/	1970-01-19 07:06:15	Name: s_ctru2 Value: 2

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: OP595DebtConsolidation_copy_Qualifying.js(Line 8) Message: OP-595 is qualified false
console-api	log	URL: OP595DebtConsolidation_copy_Qualifying.js(Line 9) Message: OP-595 is qualified0 www.gemfinance.co.nz
console-api	log	URL: OP595DebtConsolidation_copy_Qualifying.js(Line 10) Message: OP-595 is qualified false
console-api	log	URL: OP595DebtConsolidation_copy_Qualifying.js(Line 11) Message: OP-595 is qualified false
console-api	log	URL: OP595DebtConsolidation_copy_Qualifying.js(Line 12) Message: OP-595 is qualified false
console-api	log	URL: https://nexus.ensighten.com/gecapitalau/prod/code/9e67d4caccb73c12db12718109aedb25.js?conditionId0=425300(Line 8) Message: new call with timeout
console-api	debug	URL: https://ge-track.inside-graph.com/ig.js?hn=www.gemfinance.co.nz&_=0.7457876369783458(Line 18) Message: [INSIDE] Module 'realtime' has been initialized.
console-api	debug	URL: https://ge-track.inside-graph.com/ig.js?hn=www.gemfinance.co.nz&_=0.7457876369783458(Line 18) Message: [INSIDE] Module 'front' has been initialized.
console-api	debug	URL: https://ge-track.inside-graph.com/ig.js?hn=www.gemfinance.co.nz&_=0.7457876369783458(Line 18) Message: [INSIDE] Module 'chat' has been initialized.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5467304.fls.doubleclick.net
9239623.fls.doubleclick.net
ampcid.google.com
ampcid.google.de
cheproximity.demdex.net
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
ge-track.inside-graph.com
latitudefinancialservices.demdex.net
lfs-cdn.inside-graph.com
lfs-live.inside-graph.com
nebula-cdn.kampyle.com
nexus.ensighten.com
script.hotjar.com
service.maxymiser.net
smetrics.latitudefinancial.com
static.hotjar.com
stats.g.doubleclick.net
tmda.tmcdn.co.nz
udc-neb.kampyle.com
vars.hotjar.com
www.bugherd.com
www.gemfinance.co.nz
www.google-analytics.com
www.googletagmanager.com
www.latitudefinancial.com.au
104.18.31.173
122.252.188.126
13.35.253.8
143.204.214.85
147.75.102.13
147.75.102.231
147.75.84.39
151.101.113.175
172.217.18.102
172.217.22.102
18.197.253.20
23.0.46.158
2a00:1450:4001:808::2003
2a00:1450:4001:814::200e
2a00:1450:4001:819::200e
2a00:1450:4001:820::200a
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9c
3.213.5.196
3.248.26.129
34.247.192.223
35.181.91.36
35.241.45.82
52.64.136.242
54.72.27.207
66.117.28.86
03c1b2be2b300f7c3579ab797f4d2e289923cea1d72879618a4e4d79595d7de5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0aa014ee9f823bd803632a191c7f71563657d40f47868a3127b831acfb6bb180
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1a4f1f6809a0a616c4ff15b8ac98dd4afbeeb93796c37807a1e1e5a3cc6a5ace
1beaac63d959f3ea9c3f2a8631b060f60f9997bf22260eb1fa4d8e2cfb3c524b
1efc44f72f3cca23cd0d3dfe562d2500b2af4ba927d481aed7da7a6d7d83fbec
1f6a015dff9a1a52d103b839af3108c11aacdfed67288bc180a130d4ea03bef5
24e1ce0661b745f813e81ac0e8c4dde6c48dbf3ff4c61a43d40fad120a6980bc
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2be5019ceb3c8bbca088caf0ce02a9398cd94e05c96b010d7de4f1dcd3ddfc5e
31413e9ff6749fc1f8e425e2567bd65d75823ce2fdc8734580407600f167c704
31ffb5152801d3ccffbdc3b2db2ad492a454d785f095a395fec29f26f9dc0396
3aa978918a5584e1fbf838bdeae63f2b310b64451cddb0864b5493f41ab918bb
3b9582da5483f3fafc35d281c0fa2adef886626c624012080a6b7b1928e855bd
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
4133b369cdc8553ca45fd092ac5ba0c0c2024109a66295d5d11238db1e1f3a47
437f0bcf43d715febdd143decc927e70dcb08b5c0199d6b1a9a5464899c08a37
46cc66e18d8dec077bdb1138c7a76485c0c5dee780df871f03d8d5a46d4eaa15
4b9a4cba4a5c17b318176b60275c1da1f215cc40a76d85e36dbdb3506a357856
5bab148520bb9b4b911f4da5ab8fd2c4a32333142fa835aaa645d6094396aab4
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac
772a3a98c2a93ce492d96d7584fc8f9da1bcba820e065f83f74687e7ee362ecf
79bcba4b185c2124d2ce7d01959e1eb9806d3b43082faecebbc7f4edd2039a8c
8169f81fa78cc6345666c1f86fa83a0dbcefff9ea1a0e73e6659f45447ae769c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9549b81f50812834f2cd493722592db23793b04e6f85073af35dc55ed7bec408
957b3ca3b30c080dca8c3d90e80f35e57f46c22a657249f223954fe31ba0c26b
97063949d312ad5789ac8b66f5506093bd05b0147c2ab010656f86b0a226c641
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c85cb53a22a161bc8bebc04a2af988140f032782497211f756b3b94ec159d65
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a71b65d709e63d1616ba066e6172134e3bd5af663e17a286d3163e73ac677cc3
a8a0ef1cc98c851f89567986121f785d33e1d99dbc4465546565ab8a64263f32
ab6d818c8d1c47c2015d4784cfe517801b90f645f8c4792fdac3ed66ec865593
ae06907693d310af33fbee160a0bb4ba3c47f8a7a2fc03b321eb6811877d0c23
b30c0ab3dfb6a0382cf776520dc8163c0fa4579fb7b25f0d8e28400e560f58f6
b3aa90cf29e355e1a0074e32cecbcbd429a06a49a5efb25cd6f2400bad40738d
b3f2c587f2c9128e109862e23e14bb5941d9f268d8729b4d1adedadb1fc14565
b664f985cd88cfe1e88bbcb011ca76a726d0da31b49baaad232094b1e3f7aebe
b7d7b731566ce98e600439cc4630014488c74473fed5c1397c5964bd4ba7893c
bf60a8305067b71c1136ad8b0a72268fe5bbb75dca8f308728a2d2fe52315692
c363a3c0adc2275d9e9f959b9af768fcaf31738bf8bc3972298f3f4f95c82715
c42ea57180ab9d9222329d22d0a2e41b87a73b89085964b8c3a8ed89bd95f7e4
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d6c611d442f0020c71042ecc05cd0b16f9c5e98bf1717958b2db7d3f39d756cd
dd00b0c4a985f8318851c215dec01e9d1d608c999b6914d339c68a21589887d3
e152c14b56cbc7ab6f71b0c982742e7f6ecd4359b56ff7868c0bcd0f03111c12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59ed68ef17759caf8ec8e2ae843255b25783d47db4feef6a9661f0d5774d7e9
e6655bfd864f5d26bafdfb6fe5dd4f23cdf319eb69d5789bcfdb812125b57205
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e902abbd3d686dcace5f3f3313c9a885ec3c9d165920ca89f8b9883f67a4df60
ea7a04e67f4d1728677af7675e49abc57511cfd93a55b888f42078bf53cfa72f
ecfb83aca2e1d5fa04c0dcef8055ac673f70763debc2091581af6356ea008768
ed63682453081d33436e581ca67e43304d449ae18c5d7bb03d106fdc2cb88614
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ec95e3d1e8b5711d521574ab0067f396fd80ce84f957f7cbb9ff2009f6d72c
fceded762bafc6e70e74cef6da26d55f4406f2b6d2d13420d90234666b09aa2b

www.gemfinance.co.nz Open in urlscan Pro 143.204.214.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

99 %HTTPS

26 %IPv6

19 Domains

28 Subdomains

27 IPs

10 Countries

2310 kBTransfer

5533 kBSize

26 Cookies

15 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gemfinance.co.nz Open in urlscan Pro
143.204.214.85 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

99 %
HTTPS

26 %
IPv6

19
Domains

28
Subdomains

27
IPs

10
Countries

2310 kB
Transfer

5533 kB
Size

26
Cookies

82 HTTP transactions
3 data transactions