www.ghadiscovery.com Open in urlscan Pro
104.18.15.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rerjOAr4zcfLbzgpC7hzdWNk7S6ELUrNwX3Dlv8zd...
Effective URL:
https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM02...
Submission: On June 29 via api (June 29th 2022, 5:04:28 pm UTC) from CA — Scanned from SE

Summary HTTP 50 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 12 domains to perform 50 HTTP transactions. The main IP is 104.18.15.129, located in and belongs to CLOUDFLARENET, US. The main domain is www.ghadiscovery.com. The Cisco Umbrella rank of the primary domain is 341553.
TLS certificate: Issued by E1 on May 3rd 2022. Valid for: 3 months.

This is the only time www.ghadiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	140.86.227.60 140.86.227.60	43898 (ORCL-AM-OPC1) (ORCL-AM-OPC1)
20	104.18.15.129 104.18.15.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.229.233.123 192.229.233.123	15133 (EDGECAST) (EDGECAST)
2	172.67.68.214 172.67.68.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.101.13.61 46.101.13.61	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	147.154.159.252 147.154.159.252	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4	35.158.44.93 35.158.44.93	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2	3.120.64.168 3.120.64.168	16509 (AMAZON-02) (AMAZON-02)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
50	12

1 140.86.227.60 (Sweden) 1 redirects

ASN43898 (ORCL-AM-OPC1, SE)
PTR: email.discoveryloyalty.com

email.discoveryloyalty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.15.129 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ghadiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.233.123 (Long Beach, United States)

ASN15133 (EDGECAST, US)

cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.68.214 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.13.61 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 529751.cloudwaysapps.com

active.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.154.159.252 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

discoveryloyalty.custhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.44.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-44-93.eu-central-1.compute.amazonaws.com

cms.ghadiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oscp.ghadiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.64.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-64-168.eu-central-1.compute.amazonaws.com

escp.ghadiscovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	ghadiscovery.com www.ghadiscovery.com — Cisco Umbrella Rank: 341553 cms.ghadiscovery.com oscp.ghadiscovery.com escp.ghadiscovery.com	594 KB
6	custhelp.com discoveryloyalty.custhelp.com	2 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	413 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	200 KB
3	typenetwork.com cloud.typenetwork.com — Cisco Umbrella Rank: 23950	97 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	cookieyes.com active.cookieyes.com — Cisco Umbrella Rank: 45214 geoip.cookieyes.com — Cisco Umbrella Rank: 31655	488 B
2	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 35554	48 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	681 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 8	635 B
1	discoveryloyalty.com 1 redirects email.discoveryloyalty.com — Cisco Umbrella Rank: 235885	930 B
50	12

	Domain	Requested by
20	www.ghadiscovery.com	www.ghadiscovery.com
6	discoveryloyalty.custhelp.com	www.ghadiscovery.com
3	www.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	www.ghadiscovery.com www.googletagmanager.com
3	cloud.typenetwork.com	www.ghadiscovery.com cloud.typenetwork.com
2	www.facebook.com	www.ghadiscovery.com
2	escp.ghadiscovery.com	www.ghadiscovery.com
2	connect.facebook.net	www.ghadiscovery.com connect.facebook.net
2	oscp.ghadiscovery.com	www.ghadiscovery.com
2	cms.ghadiscovery.com	www.ghadiscovery.com
2	cdn-cookieyes.com	www.ghadiscovery.com cdn-cookieyes.com
1	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	geoip.cookieyes.com	cdn-cookieyes.com
1	active.cookieyes.com	cdn-cookieyes.com
1	email.discoveryloyalty.com	1 redirects
50	16

This site contains links to these domains. Also see Links.

Domain
zh.ghadiscovery.com
de.ghadiscovery.com
es.ghadiscovery.com
visit.ghadiscovery.com
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
*.ghadiscovery.com E1	`2022-05-03` - `2022-08-01`	3 months	crt.sh
*.typenetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-24` - `2022-06-29`	a year	crt.sh
*.cdn-cookieyes.com E1	`2022-06-18` - `2022-09-16`	3 months	crt.sh
active.cookieyes.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.custhelp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-08` - `2022-07-07`	3 months	crt.sh
geoip.cookieyes.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Frame ID: 18AB06772898BE58D2ADB14F0807B157
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support Portal | GHA DISCOVERY Loyalty - GHA Loyalty Program

Page URL History Show full URLs

https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rerjOAr4zcfLbzgpC7hzd... HTTP 302
https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&ut... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

50
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

12
IPs

6
Countries

2773 kB
Transfer

4514 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://zh.ghadiscovery.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://de.ghadiscovery.com/
Title: DEUTSCH

Search URL Search Domain Scan URL

URL: https://es.ghadiscovery.com/
Title: ESPAÑOL

Search URL Search Domain Scan URL

URL: https://visit.ghadiscovery.com/ghadiscovery-awards/
Title: AWARDS

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ghadiscovery/?language=E&nid=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GHADISCOVERY/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rerjOAr4zcfLbzgpC7hzdWNk7S6ELUrNwX3Dlv8zdzcWWbkVXtpKX=YAUBRC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-ubnmd3cBhCZJ7XJ-akzAesLThAsYN_Qlqor6x6SmYQsF9eK9MlZu6coijVhiVkdkvm3331cbiENLX69XDMIczPwCtc4TzfJCdkvp-ZoJcf7Hi8dBXP.&_di_=dc7nb03p6ehupggdv4baf7validbbo3cs7uj2uv6s1c5p18mpss0 HTTP 302
https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=210482728.1656522262&url=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome&gtm=2wg6r05BCB634&auid=1614105862.1656522262 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=210482728.1656522262&url=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome&gtm=2wg6r05BCB634&auid=1614105862.1656522262

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
www.ghadiscovery.com/support/
Redirect Chain

https://email.discoveryloyalty.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rerjOAr4zcfLbzgpC7hzdWNk7S6ELUrNwX3Dlv8zdzcWWbkVXtpKX=YAUBRC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y...
https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs

46 KB
11 KB

133ms
63ms

Document
text/html

104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffd79906a28176fc6d15cafd96045f260281c4542acd53f67b1e675adc87d83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 761
cache-control: public, s-maxage=600
cf-cache-status: DYNAMIC
cf-ray: 72303d863e8698f7-ARN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 17:04:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-server-id: 9c73a97a349f
x-xss-protection: mode=block

Redirect headers

Cache-Control: no-store, no-cache
Connection: close
Date: Wed, 29 Jun 2022 17:04:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
P3P: policyref="http://policy.rsys8.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H2 200 /
cloud.typenetwork.com/projects/6143/fontface.css/ 4 KB
1 KB 214ms
48ms Stylesheet
text/css 192.229.233.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projects/6143/fontface.css/

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.123 Long Beach, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B75) /

Resource Hash

9f52f19eb1cfd53ec5c32adc9ddd5110c8abb8836713316803f7781b350e99bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161918
x-cache: HIT
allow: GET, HEAD, OPTIONS
content-length: 576
referrer-policy: same-origin
last-modified: Mon, 27 Jun 2022 19:08:59 GMT
server: ECS (amb/6B75)
x-frame-options: DENY
etag: W/"fe8278775fa762b972e9750c9833bf39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4mAx7sN0Pt2fUWR36qrTgeT3TdX%2FgmUx6G5CkTxSJejlnVo23hGL%2B4z9F6bV1kcKjhO75X5Ra9M9JmUQduHplrnKVJob5%2FgpTKUod5OVybPoDz2xPsdjr9fwWaHXU81krKg%2Bx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
cf-ray: 7220cc728e0cb7ba-AMS
expires: Wed, 29 Jun 2022 20:04:16 GMT

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/ 136 KB
46 KB 156ms
76ms Script
application/javascript 172.67.68.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/script.js
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b7db184a0580734fe2d608d2a972b149e6bdc974ae3ef0de6cf12f897fe60b

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199000
access-control-allow-methods: GET, OPTIONS
last-modified: Mon, 27 Jun 2022 09:35:23 GMT
server: cloudflare
etag: W/"21fda-5e26aa3a3bbd9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3eYiI6C35LAD1SFPhb%2FSGaDKAEsb%2B8J6g3pYWfsNJ0fdMS4M9FW4R69EY35YLovsqjHDWXIjQqC4yzC5KZS%2Fy09BbJ1Zdg7CXQNhe8raT26nnu97qpW%2Brseyvv8NoISXQnk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 72303d873adcb80a-RIX

GET
H2 200 9bc928be0aa45238.css
www.ghadiscovery.com/_next/static/css/ 109 KB
20 KB 41ms
39ms Stylesheet
text/css 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/css/9bc928be0aa45238.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b7b9be31371c8fb4c1b0bad986b470bf58752c65704453d08241fbb200e5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1156155
content-length: 19792
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 07:48:46 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"1b430-1816b7c6f30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d86bf4098f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 a96af58339ce7f66.css
www.ghadiscovery.com/_next/static/css/ 919 B
574 B 44ms
42ms Stylesheet
text/css 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/css/a96af58339ce7f66.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f13a908c19206cefab025fd6f7c81fe18f483018d2a0f77cfb4f1d6ca1a2ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 202677
content-length: 459
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"397-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d86bf4398f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 webpack-ae9dd79e9eb700e3.js Show response
www.ghadiscovery.com/_next/static/chunks/ 7 KB
3 KB 33ms
33ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/webpack-ae9dd79e9eb700e3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d1842fb57389b4b0fcbaf1d33394ca7497919af34fbfd31780b645fb90dd01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1136292
content-length: 3380
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"1c73-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d87c8fb98f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 framework-e4fe6a4fc9298e74.js Show response
www.ghadiscovery.com/_next/static/chunks/ 126 KB
42 KB 36ms
35ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/framework-e4fe6a4fc9298e74.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6927bf0f2ecae46699fc8da09152fda7910cf2ee8421d2087cd23c7afd57eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1769597
content-length: 42347
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 02 Jun 2022 09:34:58 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"1f93e-18123c4a1d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88094098f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 main-5a2a1931b9adb4e7.js Show response
www.ghadiscovery.com/_next/static/chunks/ 102 KB
29 KB 36ms
36ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/main-5a2a1931b9adb4e7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf1000904d9d2c746ff941d5f7563b7bcd6e0f57119c9861f0dc22d14ef84eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1089112
content-length: 29229
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"196d2-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88094598f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 _app-c7df8f349d8ffdd5.js Show response
www.ghadiscovery.com/_next/static/chunks/pages/ 916 KB
235 KB 37ms
35ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/pages/_app-c7df8f349d8ffdd5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c647dccab1221bb99279427172db77c9ecb6140f3c499264d5c0efe60ab7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1079415
content-length: 240646
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"e4ef9-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88399498f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 1664-59f15885b7f7cc8e.js Show response
www.ghadiscovery.com/_next/static/chunks/ 6 KB
3 KB 39ms
38ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/1664-59f15885b7f7cc8e.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e80c3ec960c7c11ec1ea0f5a7c218943bd0dc123366fa18939d96a885c2c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 20965
content-length: 2562
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"1985-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88399598f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 home-22096d1ebe4c37ee.js Show response
www.ghadiscovery.com/_next/static/chunks/pages/support/ 4 KB
2 KB 67ms
65ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/pages/support/home-22096d1ebe4c37ee.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

842deb89eb9b24f947212fbb07bfa33db1b0626fab2d92c1af477f8fb8f3dc76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 80753
content-length: 1827
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"fce-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88399898f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 _buildManifest.js Show response
www.ghadiscovery.com/_next/static/YH3XpdQp_UEB5H3xErcfX/ 9 KB
3 KB 63ms
62ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/YH3XpdQp_UEB5H3xErcfX/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b1e9a0625470760a365b28b61535741c7390079edefd3cfba73065193cc23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1136292
content-length: 2810
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"256f-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88399998f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 _ssgManifest.js Show response
www.ghadiscovery.com/_next/static/YH3XpdQp_UEB5H3xErcfX/ 76 B
144 B 64ms
63ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/YH3XpdQp_UEB5H3xErcfX/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1136292
content-length: 60
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"4c-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88399a98f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 _middlewareManifest.js Show response
www.ghadiscovery.com/_next/static/YH3XpdQp_UEB5H3xErcfX/ 92 B
169 B 62ms
62ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/YH3XpdQp_UEB5H3xErcfX/_middlewareManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1136292
content-length: 62
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:22:15 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5c-1816cadbf58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d88399c98f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

POST
H2 200 log
active.cookieyes.com/api/702944d33ab88ce72c924b9a/ 2 B
175 B 180ms
64ms Ping
text/plain 46.101.13.61
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://active.cookieyes.com/api/702944d33ab88ce72c924b9a/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 529751.cloudwaysapps.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
server: nginx
age: 0
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2

GET
H2 200 support.jpg
www.ghadiscovery.com/images/ 141 KB
142 KB 133ms
132ms Image
image/jpeg 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ghadiscovery.com/images/support.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d63c7bb688d68b7147e5751565c90fc7cd4b3caceff560766a833e296bb1011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
last-modified: Wed, 10 Nov 2021 15:46:45 GMT
content-length: 144446
x-xss-protection: mode=block
referrer-policy: no-referrer
cf-bgj: h2pri
server: cloudflare
etag: W/"2343e-17d0a87b288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-server-id: 2f2f07f26c03
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72303d8839ad98f7-ARN
expires: Wed, 29 Jun 2022 21:04:16 GMT

GET
H2 200 Jost-SemiBold.60f0bcb4.woff2
www.ghadiscovery.com/_next/static/media/ 20 KB
20 KB 57ms
54ms Font
font/woff2 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/media/Jost-SemiBold.60f0bcb4.woff2

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/css/9bc928be0aa45238.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a41727c5b85b43f7ea9464970a3220e0d51193728f64bd9a19cfb3dfa86412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

Referer
Origin: https://www.ghadiscovery.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1161629
content-length: 20056
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 02 Jun 2022 09:34:58 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"4e3c-18123c4a1d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d8849c498f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 /
cloud.typenetwork.com/projectLicenseWeb/30704/fontfile/woff2/ 47 KB
48 KB 194ms
48ms Font
application/font-woff2 192.229.233.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projectLicenseWeb/30704/fontfile/woff2/?34863335401629dd613ca0af55c460918ecb1942

Requested by

Host: cloud.typenetwork.com
URL: https://cloud.typenetwork.com/projects/6143/fontface.css/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.123 Long Beach, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA4) /

Resource Hash

3f550aea064211fd7f9d85383a006db7f16df77ecba82ad687ca84c65f627f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cloud.typenetwork.com/projects/6143/fontface.css/
Origin: https://www.ghadiscovery.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75216
x-cache: HIT
content-disposition: attachment; filename="IvyModeGHA-SemiBold.woff2"
allow: GET, HEAD, OPTIONS
content-length: 48412
referrer-policy: same-origin
last-modified: Tue, 28 Jun 2022 18:46:58 GMT
server: ECS (amb/6BA4)
etag: "d6911ffae9722660d15bc4155b5a4c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FXalQyS8xZbu7HJaCGXClOBHDBaZXQ4cohk5VNlqkFIZscQJRig4eJVvfkvVQZo9oCxK03auiSf9mbCjwtBaRWg6cKmgx3b9STYep%2FnEI7p691AqqCaM30yvsNmi7TQOnkEwck%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 722911340b54b930-AMS
expires: Fri, 29 Jul 2022 17:04:16 GMT

GET
H2 200 /
cloud.typenetwork.com/projectLicenseWeb/30702/fontfile/woff2/ 47 KB
47 KB 242ms
97ms Font
application/font-woff2 192.229.233.123
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projectLicenseWeb/30702/fontfile/woff2/?34863335401629dd613ca0af55c460918ecb1942

Requested by

Host: cloud.typenetwork.com
URL: https://cloud.typenetwork.com/projects/6143/fontface.css/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.123 Long Beach, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B99) /

Resource Hash

d40e39f7641fc65aef01ebc3a517f85958b266bf758fda68889e1c98633e0d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cloud.typenetwork.com/projects/6143/fontface.css/
Origin: https://www.ghadiscovery.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75262
x-cache: HIT
content-disposition: attachment; filename="IvyModeGHA-Regular.woff2"
allow: GET, HEAD, OPTIONS
content-length: 48112
referrer-policy: same-origin
last-modified: Tue, 28 Jun 2022 18:46:58 GMT
server: ECS (amb/6B99)
etag: "226ac0d8a8de0fdd44588fb52fe13d5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u48mHAyWvDeCrNGQoFCw68wWefy0wFLMPT6Mp6E%2B95tsT28UA1K%2F6eH43Na2TUvvFnOeKjgC7a8v0NA4ZUTV1V9%2F31hm1wUpk1NtBChEcX6HQl1MmCTpIYCKFS4qtezgyrjWQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 722910160c38b897-AMS
expires: Fri, 29 Jul 2022 17:04:16 GMT

GET
H2 200 Jost-Regular.4fc9a4ec.woff2
www.ghadiscovery.com/_next/static/media/ 17 KB
18 KB 56ms
55ms Font
font/woff2 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/media/Jost-Regular.4fc9a4ec.woff2

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/css/9bc928be0aa45238.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c755f9d2931c9fc2bd5206619f06bbefd76f17722682ec98a6fc5b20fcef1839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

Referer
Origin: https://www.ghadiscovery.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1161629
content-length: 17888
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 02 Jun 2022 09:34:58 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"45c4-18123c4a1d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d8849c698f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H/1.1 200
OK cat162t.png
discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/ 216 KB
216 KB 152ms
52ms Image
image/png 147.154.159.252
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/cat162t.png
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.159.252 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 0a8708d5073f471b21280182811403ceb54753f8c392e826f03d57fe69331c16

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 17:04:16 GMT
Last-Modified: Mon, 13 Dec 2021 06:02:01 GMT
Content-Type: image/png
RNT-Time: D=5619 t=1656522256810503
RNT-Machine: 0.69
Cache-Control: max-age=900
RNT-JN-Ext-UUID: 3bca4393-daaa-4b14-87ad-fa2fb90e40b1
Connection: keep-alive
Accept-Ranges: bytes
RNT-JN-Ext-Machine: 43.4
Content-Length: 220707
Expires: Wed, 29 Jun 2022 17:19:16 GMT

GET
H/1.1 200
OK cat168t.png
discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/ 363 KB
364 KB 150ms
50ms Image
image/png 147.154.159.252
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/cat168t.png
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.159.252 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 4dc4f11a6b6ac81703ff34d19f46697874c797d15bd4c855886297529b4296d0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 17:04:16 GMT
Last-Modified: Mon, 13 Dec 2021 06:01:53 GMT
Content-Type: image/png
RNT-Time: D=2694 t=1656522256812072
RNT-Machine: 0.73
Cache-Control: max-age=900
RNT-JN-Ext-UUID: 2272afce-50a3-4d56-b3d8-e06b3df4c2e4
Connection: keep-alive
Accept-Ranges: bytes
RNT-JN-Ext-Machine: 43.3
Content-Length: 372172
Expires: Wed, 29 Jun 2022 17:19:16 GMT

GET
H/1.1 200
OK cat173t.png
discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/ 309 KB
309 KB 151ms
50ms Image
image/png 147.154.159.252
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/cat173t.png
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.159.252 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 18ac78e4a83eb964b3ba3ece19099a5530ed8f8efddfd5e4e7ced0d73634e094

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 17:04:16 GMT
Last-Modified: Mon, 13 Dec 2021 05:59:34 GMT
Content-Type: image/png
RNT-Time: D=3772 t=1656522256810996
RNT-Machine: 0.73
Cache-Control: max-age=900
RNT-JN-Ext-UUID: 23369a6d-32c7-4d56-bc41-6a97c41678fb
Connection: keep-alive
Accept-Ranges: bytes
RNT-JN-Ext-Machine: 43.4
Content-Length: 316109
Expires: Wed, 29 Jun 2022 17:19:16 GMT

GET
H/1.1 200
OK cat189t.png
discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/ 300 KB
300 KB 152ms
52ms Image
image/png 147.154.159.252
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/cat189t.png
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.159.252 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9783a4e0b26d7353d3abc977ae37e465813df968cff8b766dd59ea8ca07cbb0c

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 17:04:16 GMT
Last-Modified: Mon, 13 Dec 2021 06:00:27 GMT
Content-Type: image/png
RNT-Time: D=4479 t=1656522256812616
RNT-Machine: 0.71
Cache-Control: max-age=900
RNT-JN-Ext-UUID: f9dcd219-6f76-40c7-a6fb-722591e3054d
Connection: keep-alive
Accept-Ranges: bytes
RNT-JN-Ext-Machine: 43.3
Content-Length: 306782
Expires: Wed, 29 Jun 2022 17:19:16 GMT

GET
H/1.1 200
OK cat204t.png
discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/ 291 KB
291 KB 153ms
53ms Image
image/png 147.154.159.252
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/cat204t.png
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.159.252 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 0922d19d4da059c1e3a7fea4b41fb53b82f2f26cfaa31c57eb091085e503f4f8

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 17:04:16 GMT
Last-Modified: Mon, 13 Dec 2021 05:58:07 GMT
Content-Type: image/png
RNT-Time: D=5264 t=1656522256811303
RNT-Machine: 0.69
Cache-Control: max-age=900
RNT-JN-Ext-UUID: 161e2432-2c97-410f-8bb8-4177df212950
Connection: keep-alive
Accept-Ranges: bytes
RNT-JN-Ext-Machine: 43.2
Content-Length: 297785
Expires: Wed, 29 Jun 2022 17:19:16 GMT

GET
H/1.1 200
OK cat375t.png
discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/ 242 KB
243 KB 153ms
51ms Image
image/png 147.154.159.252
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discoveryloyalty.custhelp.com//rnt/rnw/img/enduser/cat375t.png
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/support/home?nid=210384331&language=E&utm_medium=email&utm_source=gha_crm&utm_campaign=2022CRM020DOUBLEDFOLLOWUP&utm_content=footerContactUs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.154.159.252 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 3923d5eb832cf3d46fe61342d79af3046097fa05ced922ea010ed80093349bdd

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 17:04:16 GMT
Last-Modified: Mon, 13 Dec 2021 05:55:57 GMT
Content-Type: image/png
RNT-Time: D=1409 t=1656522256815509
RNT-Machine: 0.73
Cache-Control: max-age=900
RNT-JN-Ext-UUID: 7e838ec7-2945-43f3-b6a8-0e88e047837d
Connection: keep-alive
Accept-Ranges: bytes
RNT-JN-Ext-Machine: 43.2
Content-Length: 248298
Expires: Wed, 29 Jun 2022 17:19:16 GMT

OPTIONS
H2 200 graphql
cms.ghadiscovery.com/ 0
0 172ms
67ms Preflight
text/html 35.158.44.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.ghadiscovery.com/graphql
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.44.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-44-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.ghadiscovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, authorization, x-ssr
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-origin: https://www.ghadiscovery.com
access-control-max-age: 3600
age: 0
cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-length: 20
content-type: text/html; charset=UTF-8
date: Wed, 29 Jun 2022 17:04:16 GMT
expires: Wed, 29 Jun 2022 17:04:16 GMT
vary: Origin, cookie, authorization, x-forwarded-port, Accept-Encoding
x-cache: PASS
x-server-id: 6ad26bfee721
x-server-name: 6ad26bfee721

OPTIONS
H2 200 rates
oscp.ghadiscovery.com/api/v2/exchange/ 0
0 158ms
46ms Preflight 35.158.44.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oscp.ghadiscovery.com/api/v2/exchange/rates

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.44.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-44-93.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.ghadiscovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 29 Jun 2022 17:04:16 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
62 KB 177ms
68ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BCB634

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4e8a75edac02164e899c5e56214eccd0faddd3d5ab36ebf2264962dacdb0b559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62550
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 16:03:24 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Jun 2022 17:04:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 143ms
47ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: 1/vkLyjtYDnjskOCGedec8bg5mLpohyVwAJBqE/jeHpfl+JBFW1pwA4axC5TJx1D2xE5kppLEnqxKPkAQvW3OA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 29 Jun 2022 17:04:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 graphql Show response
cms.ghadiscovery.com/ 676 B
887 B 54ms
54ms XHR
application/json 35.158.44.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.ghadiscovery.com/graphql
Requested by: Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/pages/_app-c7df8f349d8ffdd5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.44.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-44-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 985330d7980e80b38b3b45cb2cdfba6b4038ad551edb20166fdc2933c0299548

Request headers

Accept: application/json, text/plain, */*
Referer
authorization: Basic Z2hhOnVFNlU4d253aExzVTVHa1k=
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

x-cache-ttl: 2324.176
date: Wed, 29 Jun 2022 17:04:17 GMT
content-encoding: gzip
vary: cookie, authorization, x-forwarded-port, Accept-Encoding
x-server-name: 5c6b18e0061e
age: 1275
x-server-id: 5c6b18e0061e
x-cache: HIT
content-length: 415
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET, POST
content-type: application/json
access-control-allow-origin: https://www.ghadiscovery.com
access-control-expose-headers: link
cache-control: public, s-maxage=3600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization
x-cache-hits: 904

GET
H2 200 rates Show response
oscp.ghadiscovery.com/api/v2/exchange/ 6 KB
7 KB 54ms
54ms XHR
application/json 35.158.44.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://oscp.ghadiscovery.com/api/v2/exchange/rates

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/pages/_app-c7df8f349d8ffdd5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.44.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-44-93.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ca992ede3e165c3f91d7202e80c294853a544b39836cfdb4891a6a8bbef3ab11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
authorization: Basic Z2hhOnVFNlU4d253aExzVTVHa1k=
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:17 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 me Show response
escp.ghadiscovery.com/api/v2/location/ 113 B
452 B 539ms
537ms XHR
application/json 3.120.64.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://escp.ghadiscovery.com/api/v2/location/me

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/pages/_app-c7df8f349d8ffdd5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.64.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-64-168.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6b31926d43552cc0249baf2bd19917379063f0fbc212399cb9418b1d515a647b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
authorization: Basic Z2hhOnVFNlU4d253aExzVTVHa1k=
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:17 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 me
escp.ghadiscovery.com/api/v2/location/ 0
0 140ms
46ms Preflight 3.120.64.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://escp.ghadiscovery.com/api/v2/location/me

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.64.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-64-168.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.ghadiscovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 29 Jun 2022 17:04:16 GMT
expires: 0
pragma: no-cache
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 29107295-52f938a4089e4ea4.js
www.ghadiscovery.com/_next/static/chunks/ 0
25 KB 36ms
35ms Other
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/29107295-52f938a4089e4ea4.js

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/main-5a2a1931b9adb4e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 202676
content-length: 25729
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"1123d-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d894be098f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 %5BcategoryId%5D-536112d44588aecc.js
www.ghadiscovery.com/_next/static/chunks/pages/support/category/ 0
4 KB 46ms
46ms Other
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/pages/support/category/%5BcategoryId%5D-536112d44588aecc.js

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/main-5a2a1931b9adb4e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 202676
content-length: 4358
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"2c0e-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d894be598f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 29107295-52f938a4089e4ea4.js Show response
www.ghadiscovery.com/_next/static/chunks/ 69 KB
25 KB 35ms
35ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/29107295-52f938a4089e4ea4.js

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/main-5a2a1931b9adb4e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c133063cb80e9c7bac00396ddc7cd66b299dc7a69f587bedfe828d78f01cf581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 202676
content-length: 25729
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"1123d-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 2f2f07f26c03
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d896c1598f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 %5BcategoryId%5D-536112d44588aecc.js Show response
www.ghadiscovery.com/_next/static/chunks/pages/support/category/ 11 KB
4 KB 34ms
33ms Script
application/javascript 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/chunks/pages/support/category/%5BcategoryId%5D-536112d44588aecc.js

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/main-5a2a1931b9adb4e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4979cea2b0d0967f0be7bc79e5cfa2a97b8edba881a60d09732b98a24c3d4177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 202676
content-length: 4358
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"2c0e-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d896c1a98f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 a96af58339ce7f66.css Show response
www.ghadiscovery.com/_next/static/css/ 919 B
569 B 36ms
35ms Fetch
text/css 104.18.15.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghadiscovery.com/_next/static/css/a96af58339ce7f66.css

Requested by

Host: www.ghadiscovery.com
URL: https://www.ghadiscovery.com/_next/static/chunks/main-5a2a1931b9adb4e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.15.129 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f13a908c19206cefab025fd6f7c81fe18f483018d2a0f77cfb4f1d6ca1a2ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 202677
content-length: 459
x-xss-protection: mode=block
referrer-policy: no-referrer
last-modified: Thu, 16 Jun 2022 13:21:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"397-1816cad6198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-server-id: 9c73a97a349f
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72303d896c1898f7-ARN
expires: Thu, 29 Jun 2023 17:04:16 GMT

GET
H2 200 257642051725095 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 50ms
49ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/257642051725095?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

09279523fa6c3a58cf5a4ec61e10d7af0293f73428ba18092205caa31418d7bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85498
x-xss-protection: 0
pragma: public
x-fb-debug: GNBJRTz6rWiCiX7cQp+6VKJ67Pjyyr9PqRpqZfzzAjuswGUNjnf4SuG5fyDJuq31dbjkxXhw1RL6pija7+J98Q==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Jun 2022 17:04:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 174ms
74ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D9MR6RZSJH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BCB634

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

60549128f746224dee520f21b4a0b17ea338533e98b58500df6110fda827bece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70793
x-xss-protection: 0
expires: Wed, 29 Jun 2022 17:04:17 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 162ms
63ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-D9MR6RZSJH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BCB634

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

256a4e18fc0e7de192277034d49692ec3f948146600b57c95e32d06bb04ae10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70787
x-xss-protection: 0
expires: Wed, 29 Jun 2022 17:04:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 149ms
47ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257642051725095&ev=PageView&dl=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome%3Fnid%3D210384331%26language%3DE%26utm_medium%3Demail%26utm_source%3Dgha_crm%26utm_campaign%3D2022CRM020DOUBLEDFOLLOWUP%26utm_content%3DfooterContactUs&rl=&if=false&ts=1656522261806&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656522261805.746661019&it=1656522261664&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 29 Jun 2022 17:04:17 GMT

GET
H2 200 b4sb5wWz.json Show response
cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/ 4 KB
2 KB 124ms
47ms Fetch
application/json 172.67.68.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/b4sb5wWz.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.68.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5de0204563448517d6a7beb0622ee9d991d334e2d343cd9b05e36370b297064b

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198996
access-control-allow-methods: GET, OPTIONS
last-modified: Mon, 27 Jun 2022 09:35:23 GMT
server: cloudflare
etag: W/"e2b-5e26aa3a3bbd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ckbuPs0bzp5hrDV8GtkBpS7TxWlGpYKiOAj8y63vd98pd6TxqPNjm%2B7bdzvqjcPdDPf0j9SRvwMy03CbTcbq56DvflYMSf59rcPvMYA%2BXSpPVbR%2FHjpLj2ledACwrsOIHo4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 72303d8d9e32b80d-RIX

GET
H2 200 result.php Show response
geoip.cookieyes.com/geoip/checker/ 112 B
313 B 184ms
66ms Fetch
text/html 46.101.13.61
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.cookieyes.com/geoip/checker/result.php
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/702944d33ab88ce72c924b9a/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.13.61 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 529751.cloudwaysapps.com
Software: nginx /
Resource Hash: ca0c9c9e4ebb0d0b5c3334ccf7da65e0750848faef80815a941565b54c0df03b

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:17 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 113

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=210482728.1656522262&url=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome&gtm=2wg6r05BCB634&auid=1614105862.1656522262
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=210482728.1656522262&url=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome&gtm=2wg6r05BCB634&auid=1614105862.1656522262

42 B
681 B

182ms
66ms

Ping
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=210482728.1656522262&url=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome&gtm=2wg6r05BCB634&auid=1614105862.1656522262

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=210482728.1656522262&url=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome&gtm=2wg6r05BCB634&auid=1614105862.1656522262
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 101ms
35ms Ping
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D9MR6RZSJH&gtm=2oe6r0&_p=916211567&_z=ccd.v9B&gcs=G111&cid=227012290.1656522262&ul=en-us&sr=1600x1200&_s=1&sid=1656522262&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome%3Fnid%3D210384331%26language%3DE%26utm_medium%3Demail%26utm_source%3Dgha_crm%26utm_campaign%3D2022CRM020DOUBLEDFOLLOWUP%26utm_content%3DfooterContactUs&dt=Support%20Portal%20%7C%20GHA%20DISCOVERY%20Loyalty%20-%20GHA%20Loyalty%20Program&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9MR6RZSJH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
351 B 85ms
33ms Ping
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D9MR6RZSJH&gtm=2oe6r0&_p=916211567&_z=ccd.v9B&gcs=G111&ul=en&cid=227012290.1656522262&sr=1600x1200&_eu=C&_s=2&sid=1656522262&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome%3Fnid%3D210384331%26language%3DE%26utm_medium%3Demail%26utm_source%3Dgha_crm%26utm_campaign%3D2022CRM020DOUBLEDFOLLOWUP%26utm_content%3DfooterContactUs&dt=Support%20Portal%20%7C%20GHA%20DISCOVERY%20Loyalty%20-%20GHA%20Loyalty%20Program&en=afterPageview&ep.brand=GHA&ep.environment=live&ep.login=false&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9MR6RZSJH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 97ms
48ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=257642051725095&ev=Microdata&dl=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome%3Fnid%3D210384331%26language%3DE%26utm_medium%3Demail%26utm_source%3Dgha_crm%26utm_campaign%3D2022CRM020DOUBLEDFOLLOWUP%26utm_content%3DfooterContactUs&rl=&if=false&ts=1656522263310&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Support%20Portal%20%7C%20GHA%20DISCOVERY%20Loyalty%20-%20GHA%20Loyalty%20Program%22%2C%22meta%3Adescription%22%3A%22Discover%20our%20one-of-a-kind%20loyalty%20programme.%20It%E2%80%99s%20more%20than%20a%20membership%2C%20it%E2%80%99s%20your%20window%20to%20your%20world%22%2C%22meta%3Akeywords%22%3A%22luxury%20resorts%20%26%20hotels%2C%20luxury%20hotels%20%26%20resorts%2C%20luxury%20hotels%2C%20luxury%20resorts%2C%20hotel%20loyalty%20programme%2C%20hotel%20loyalty%20programmes%2C%20loyalty%20programmes%2C%20loyalty%20programme%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1656522261805.746661019&it=1656522261664&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 17:04:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 29 Jun 2022 17:04:18 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 88ms
34ms Ping
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D9MR6RZSJH&gtm=2oe6r0&_p=916211567&_z=ccd.v9B&gcs=G111&ul=en&sr=1600x1200&cid=227012290.1656522262&_s=3&dl=https%3A%2F%2Fwww.ghadiscovery.com%2Fsupport%2Fhome%3Fnid%3D210384331%26language%3DE%26utm_medium%3Demail%26utm_source%3Dgha_crm%26utm_campaign%3D2022CRM020DOUBLEDFOLLOWUP%26utm_content%3DfooterContactUs&dt=Support%20Portal%20%7C%20GHA%20DISCOVERY%20Loyalty%20-%20GHA%20Loyalty%20Program&sid=1656522262&sct=1&seg=0&en=afterPageview&ep.brand=GHA&ep.environment=live&ep.login=false&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D9MR6RZSJH&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 17:04:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghadiscovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discoveryloyalty.com/pub	1970-01-20 04:51:54	Name: 6.interact8.Tta.....N.N... Value: _ri_=X0Gzc2X%3DAQpglLjHJlCQGv5JS5k5JzcNgHl5qIDBzc3rerjOAr4zcfLbzgpC7hzdWNk7S6ELUrNwX3Dlv8zdzcWWbkVXtpKX%3DYAUBRC&_ei_=EQLIVj8x9EsyUELCtX-jUiInGMu6FXgxU-hfAYh4Y-ubnmd3cBhCZJ7XJ-akzAesLThAsYN_Qlqor6x6SmYQsF9eK9MlZu6coijVhiVkdkvm3331cbiENLX69XDMIczPwCtc4TzfJCdkvp-ZoJcf7Hi8dBXP
.www.ghadiscovery.com/	1970-01-20 04:10:08	Name: cky-active-check Value: yes
.ghadiscovery.com/	1970-01-20 06:18:18	Name: _fbp Value: fb.1.1656522261805.746661019
.www.ghadiscovery.com/	1970-01-20 12:54:18	Name: cookieyesID Value: dkw2cDY4RU1yemVHWTlBOWZ3TUtlRm1rb09Wa0I0RHc=
.www.ghadiscovery.com/	1970-01-20 12:54:18	Name: cky-consent Value: no
.www.ghadiscovery.com/	1970-01-20 12:54:18	Name: cookieyes-necessary Value: yes
.www.ghadiscovery.com/	1970-01-20 12:54:18	Name: cookieyes-analytics Value: yes
.ghadiscovery.com/	1970-01-20 06:18:18	Name: _gcl_au Value: 1.1.1614105862.1656522262
.ghadiscovery.com/	1970-01-20 21:39:54	Name: _ga_D9MR6RZSJH Value: GS1.1.1656522262.1.0.1656522262.0
.ghadiscovery.com/	1970-01-20 21:39:54	Name: _ga Value: GA1.1.227012290.1656522262
.doubleclick.net/	1970-01-20 04:08:43	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

active.cookieyes.com
cdn-cookieyes.com
cloud.typenetwork.com
cms.ghadiscovery.com
connect.facebook.net
discoveryloyalty.custhelp.com
email.discoveryloyalty.com
escp.ghadiscovery.com
geoip.cookieyes.com
googleads.g.doubleclick.net
oscp.ghadiscovery.com
www.facebook.com
www.ghadiscovery.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.18.15.129
140.86.227.60
142.250.181.228
142.250.184.232
142.250.185.98
147.154.159.252
172.67.68.214
185.60.216.19
185.60.216.35
192.229.233.123
216.239.34.178
3.120.64.168
35.158.44.93
46.101.13.61
0922d19d4da059c1e3a7fea4b41fb53b82f2f26cfaa31c57eb091085e503f4f8
09279523fa6c3a58cf5a4ec61e10d7af0293f73428ba18092205caa31418d7bb
0a8708d5073f471b21280182811403ceb54753f8c392e826f03d57fe69331c16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18ac78e4a83eb964b3ba3ece19099a5530ed8f8efddfd5e4e7ced0d73634e094
1d63c7bb688d68b7147e5751565c90fc7cd4b3caceff560766a833e296bb1011
256a4e18fc0e7de192277034d49692ec3f948146600b57c95e32d06bb04ae10c
3923d5eb832cf3d46fe61342d79af3046097fa05ced922ea010ed80093349bdd
3f550aea064211fd7f9d85383a006db7f16df77ecba82ad687ca84c65f627f8f
46e80c3ec960c7c11ec1ea0f5a7c218943bd0dc123366fa18939d96a885c2c11
4979cea2b0d0967f0be7bc79e5cfa2a97b8edba881a60d09732b98a24c3d4177
4dc4f11a6b6ac81703ff34d19f46697874c797d15bd4c855886297529b4296d0
4e8a75edac02164e899c5e56214eccd0faddd3d5ab36ebf2264962dacdb0b559
4f13a908c19206cefab025fd6f7c81fe18f483018d2a0f77cfb4f1d6ca1a2ef4
50c647dccab1221bb99279427172db77c9ecb6140f3c499264d5c0efe60ab7bc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a41727c5b85b43f7ea9464970a3220e0d51193728f64bd9a19cfb3dfa86412
5de0204563448517d6a7beb0622ee9d991d334e2d343cd9b05e36370b297064b
60549128f746224dee520f21b4a0b17ea338533e98b58500df6110fda827bece
6b31926d43552cc0249baf2bd19917379063f0fbc212399cb9418b1d515a647b
82b1e9a0625470760a365b28b61535741c7390079edefd3cfba73065193cc23b
842deb89eb9b24f947212fbb07bfa33db1b0626fab2d92c1af477f8fb8f3dc76
9783a4e0b26d7353d3abc977ae37e465813df968cff8b766dd59ea8ca07cbb0c
985330d7980e80b38b3b45cb2cdfba6b4038ad551edb20166fdc2933c0299548
9f52f19eb1cfd53ec5c32adc9ddd5110c8abb8836713316803f7781b350e99bf
b6927bf0f2ecae46699fc8da09152fda7910cf2ee8421d2087cd23c7afd57eee
c133063cb80e9c7bac00396ddc7cd66b299dc7a69f587bedfe828d78f01cf581
c755f9d2931c9fc2bd5206619f06bbefd76f17722682ec98a6fc5b20fcef1839
ca0c9c9e4ebb0d0b5c3334ccf7da65e0750848faef80815a941565b54c0df03b
ca992ede3e165c3f91d7202e80c294853a544b39836cfdb4891a6a8bbef3ab11
d3b7db184a0580734fe2d608d2a972b149e6bdc974ae3ef0de6cf12f897fe60b
d40e39f7641fc65aef01ebc3a517f85958b266bf758fda68889e1c98633e0d87
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b7b9be31371c8fb4c1b0bad986b470bf58752c65704453d08241fbb200e5d0
ebf1000904d9d2c746ff941d5f7563b7bcd6e0f57119c9861f0dc22d14ef84eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d1842fb57389b4b0fcbaf1d33394ca7497919af34fbfd31780b645fb90dd01
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
ffd79906a28176fc6d15cafd96045f260281c4542acd53f67b1e675adc87d83d

www.ghadiscovery.com Open in urlscan Pro 104.18.15.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

0 %IPv6

12 Domains

16 Subdomains

12 IPs

6 Countries

2773 kBTransfer

4514 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ghadiscovery.com Open in urlscan Pro
104.18.15.129 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

12
IPs

6
Countries

2773 kB
Transfer

4514 kB
Size

11
Cookies

50 HTTP transactions
0 data transactions