gheed.com Open in urlscan Pro
18.66.97.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gheed.com/giveaways/g-rvJ8
Submission: On October 18 via api (October 18th 2022, 1:06:56 am UTC) from FI — Scanned from FI

Summary HTTP 76 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 76 HTTP transactions. The main IP is 18.66.97.51, located in United States and belongs to AMAZON-02, US. The main domain is gheed.com.
TLS certificate: Issued by Amazon on January 29th 2022. Valid for: a year.

This is the only time gheed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	18.66.97.51 18.66.97.51	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	199.232.138.167 199.232.138.167	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	52.219.72.84 52.219.72.84	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:239... 2600:9000:2394:fe00:19:f28c:cd8e:cd41	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
76	20

29 18.66.97.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-51.fra56.r.cloudfront.net

gheed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.138.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

embed.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.219.72.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2394:fe00:19:f28c:cd8e:cd41 (United States)

ASN16509 (AMAZON-02, US)

static-cdn.jtvnw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gheed.com gheed.com	2 MB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	209 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	407 KB
5	jtvnw.net static-cdn.jtvnw.net — Cisco Umbrella Rank: 8027	370 KB
5	amazonaws.com s3.eu-central-1.amazonaws.com	588 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	24 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	5 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	133 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	54 KB
1	google.fi adservice.google.fi — Cisco Umbrella Rank: 248845	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	694 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2248	46 KB
1	twitch.tv embed.twitch.tv — Cisco Umbrella Rank: 75288	9 KB
76	15

	Domain	Requested by
29	gheed.com	gheed.com
7	pagead2.googlesyndication.com	gheed.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	static-cdn.jtvnw.net	gheed.com
5	s3.eu-central-1.amazonaws.com	gheed.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	gheed.com www.gstatic.com www.google.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	gheed.com www.google-analytics.com
2	www.youtube.com	gheed.com www.youtube.com
2	platform.twitter.com	gheed.com platform.twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fi	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	syndication.twitter.com	platform.twitter.com
1	fonts.googleapis.com	gheed.com
1	www.paypalobjects.com	gheed.com
1	embed.twitch.tv	gheed.com
76	20

This site contains links to these domains. Also see Links.

Domain
www.amazon.com
discord.gg
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
gheed.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
twitch.tv GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-24` - `2023-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-06`	a year	crt.sh
static-cdn.jtvnw.net Amazon	`2022-03-30` - `2023-04-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://gheed.com/giveaways/g-rvJ8
Frame ID: 2E266E80D95A6043EAE8B597BAB4C0B7
Requests: 60 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fgheed.com
Frame ID: 7050904D326375C3F3E9A52BB64C8EFF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
Frame ID: 64776FDBF5D919CC0A8E8C6B667C0906
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=fi&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=tli67wo2352i
Frame ID: 0898327B5FDC8CBFBEB5990E51E39EE5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7430270068753912&output=html&adk=1812271804&adf=3025194257&lmt=1666055208&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgheed.com%2Fgiveaways%2Fg-rvJ8&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666055207738&bpp=3&bdt=870&idt=418&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3233892354230&frm=20&pv=2&ga_vid=1365006615.1666055208&ga_sid=1666055208&ga_hid=1761811786&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531705%2C44774292&oid=2&pvsid=3221281898720215&tmod=1823549315&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=440
Frame ID: C8527020C6697DC0783192BE1629EF94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECDCA8993914FC6EA23C6F6F086D2551
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD2F33477677B0331A4D0ACC316F4E2C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

25€ von DMZ Intel DE by zeakzeric @ GHEED

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

76
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

4119 kB
Transfer

7885 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.com/
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Amazon-Amazon-com-eGift-Cards/dp/B004LLIKVU/
Title: More product details

Search URL Search Domain Scan URL

URL: https://discord.gg/CCTuaCQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gheed_com

Search URL Search Domain Scan URL

URL: https://twitter.com/gheed_com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request g-rvJ8 Show response
gheed.com/giveaways/ 62 KB
9 KB 367ms
216ms Document
text/html 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 6c9af82f28d30f6fd57fdd31e7d502defeeae2f2b026e2f64b056fc569fbfc6e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Oct 2022 01:06:46 GMT
etag: W/"f81c-t35oLIf/GqujU4sens5s08+CO1Q"
server: nginx/1.12.1
vary: Accept-Encoding
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-id: kZdaKxf5yrH8BRYQeskK5-b1NZU8Gzc3b_CeQv3mCmV_5_4TlN-nwQ==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront

GET
H2 200 fonts.css
gheed.com/static/assets/css/ 5 KB
1 KB 73ms
70ms Stylesheet
text/css 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/assets/css/fonts.css
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3c052c239f112d8a87865f56d70dfe3c0cd53ad2ac9e9c53f5697b06eb3d4a9c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:02:52 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:01 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 411
etag: W/"14e2-182d58812e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: Ndmjh3yeao_ABzhPRyJGNvQpy_m8ivahZ-SYZasyV_TkSswcz3rEhw==

GET
H2 200 global.css
gheed.com/static/assets/css/ 3 KB
1 KB 68ms
65ms Stylesheet
text/css 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/assets/css/global.css
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 32edf2d7ce31a18cd919c12e7d51684640b6ef44c65b15da80beac7832ba4f1e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 03:41:55 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:01 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 77091
etag: W/"a9e-182d58812e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: nkjh92XIts9R_KzcAgML-tp0HTQAN4TYxQNqUR-osKI3VJNbVqBxXQ==

GET
H2 200 vendors.38197ff1.chunk.css
gheed.com/static/css/ 19 KB
5 KB 69ms
67ms Stylesheet
text/css 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/css/vendors.38197ff1.chunk.css
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 67617a63e4b3c5921085d11b8db467f81262b155eb5a1cd6b189bafa80f4d108

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:10:02 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:57 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 75905
etag: W/"4ddb-182d588eda8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: xHFZOTm2s74ITAWDQPttfPW8tnxft8iIkm_IYxGkTtuPjeE_qq_PMg==

GET
H2 200 vendors.add763cf.chunk.js Show response
gheed.com/static/js/ 2 MB
525 KB 73ms
73ms Script
application/javascript 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d716c97ecb7fdf23a8e7d9a8f58590a7978db39aed5d8f8dc091e227a4d6e313

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:10:02 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:57 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 75906
etag: W/"1c8f50-182d588eda8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 5sv6fFPTbKGPC8yGFbmHXwUxbaO8FSpBQuNBGi_6khy5pquBTRT8fQ==

GET
H2 200 bundle.0ce2828b.css
gheed.com/static/css/ 20 KB
3 KB 73ms
71ms Stylesheet
text/css 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/css/bundle.0ce2828b.css
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9e7b1c3d14a6f4ae83d6903e1ca998accc6340c86db646945fc4f7ae41343cfb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 05:13:09 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:57 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 71783
etag: W/"4e71-182d588eda8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: mvUuyZ39KCzy9KFvQhw9syL6ygRR6b00tLn3wkbKvPTe1O20bpIYlA==

GET
H2 200 client.d6f13922.js Show response
gheed.com/static/js/ 1 MB
234 KB 276ms
276ms Script
application/javascript 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/js/client.d6f13922.js
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a86020ec30fd3289673df20ba59b8d67104c3a0c48d09e9208169af1fb992fb6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:10:02 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:57 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 75906
etag: W/"1238e0-182d588eda8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: ilsI8NENvICNyieQWCVH6aUG4rWc6bpW_axpyGPn3N8RyfKVxiSb-Q==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1002 B 239ms
88ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm

Requested by

Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7937515634952bb025522495658ecae400216c5c3b22592d313f1baa5922c9cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 01:06:47 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 208ms
47ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F712) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:47 GMT
Content-Encoding: gzip
Age: 1195
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (ska/F712)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK v1.js Show response
embed.twitch.tv/embed/ 26 KB
9 KB 214ms
66ms Script
application/x-javascript 199.232.138.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.twitch.tv/embed/v1.js

Requested by

Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.138.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

aa6ea4dbf82068f55270e3dcfcc9353af725dde8c52a75e2523671a682ef83b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300
Via: 1.1 varnish
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 8252
X-XSS-Protection: 1; mode=block
X-Served-By: cache-hhn11547-HHN
Server: Kestrel
X-Timer: S1666055207.051954,VS0,VE1
ETag: "05c2430a1d4b9195096c8c36c2456b0e"
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Content-Type: application/x-javascript
Release-Type: release
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 242ms
90ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e9a45d0e1d5117dcf8afef7611e4b1bcce8601bf12b0f9323420c71233a06db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 18 Oct 2022 01:06:47 GMT

GET
H2 200 ppplus.min.js Show response
www.paypalobjects.com/webstatic/ppplus/ 129 KB
46 KB 222ms
66ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/ppplus/ppplus.min.js

Requested by

Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6ac4c7dee0700961ca2565b269df2b9a806e198b912a12fb48e60fd96c37979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 7f5593d5ea064
dc: ccg11-origin-www-1.paypal.com
content-length: 47124
x-served-by: cache-sjc10083-SJC, cache-hhn4045-HHN
last-modified: Mon, 27 Dec 2021 18:12:39 GMT
x-timer: S1666055207.060488,VS0,VE0
etag: W/"61ca0217-20281"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 211517, 29

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 249ms
91ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e250dbda4c4c6fbdce8a2ba3ab95a21ceadb9b870edfb29dc14dc7b1653c4231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55062
x-xss-protection: 0
server: cafe
etag: 15949296731993584305
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 01:06:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 233ms
81ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,800,900

Requested by

Host: gheed.com
URL: https://gheed.com/static/assets/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

019fb44cafe54bd432a0f174ab70e7aae37e2998f0182c5e248e2d55319bd446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Oct 2022 01:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 01:06:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Oct 2022 01:06:47 GMT

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 395 KB
158 KB 224ms
72ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b00f49a68665fcb3562a58ec95e9314c2eb6513c5b29cfcc870fa453436beba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gheed.com/
Origin: https://gheed.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161079
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 21:17:44 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/a25d4acf/www-widgetapi.vflset/ 157 KB
52 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a25d4acf/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 15:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52758
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 00:16:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Oct 2023 15:01:57 GMT

GET
H2 200 splash-dark.png
gheed.com/static/assets/images/ 18 KB
19 KB 281ms
280ms Image
image/png 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/splash-dark.png
Requested by: Host: gheed.com
URL: https://gheed.com/static/assets/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dfdcc2bd0f3e869c5be6e5a6b300a4a5519bb7e6f2b5aad0744acaeee2c30bc3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/static/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 06:06:11 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:02 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 68520
etag: W/"4984-182d58816d0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 18820
x-amz-cf-id: o-JVvKKKf_yOFolsWyrHs9OBee3HhTfa2xrFfxqwspiEizlKMLKKpA==

GET
H2 200 loading.gif
gheed.com/static/assets/images/ 16 KB
16 KB 282ms
282ms Image
image/gif 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/loading.gif
Requested by: Host: gheed.com
URL: https://gheed.com/static/assets/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: aec539715dd6d27a2c98b2ccac35cf08801b412cf8ee2c6f9bed1a904f8a7431

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/static/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:31:55 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:02 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 74092
etag: W/"3f05-182d58816d0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16133
x-amz-cf-id: oPrUt19Nnr4Dnzjvrk_yAgiS-jCqiMJ1gQBysvO0nf2nXtC2X3TwEQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 221ms
71ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 18 Oct 2022 01:15:57 GMT

GET
H2 200 guess Show response
gheed.com/prod/users/regions/ 36 B
556 B 89ms
88ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/users/regions/guess
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 5c040af8bf974422f63c8a54c44b2eb23f80f9f01898d90e0455154cce9596d0

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:47 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 36
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: b8989724-78a6-4808-bbef-2c0e1e719b21
x-cache: Miss from cloudfront
cloudfront-viewer-country: FI
x-amz-apigw-id: aLRWPFffliAFqJg=
content-length: 36
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc27-652ec89f03d49ee960696737;Sampled=0
content-type: application/json
x-country: FI
cache-control: public, max-age=0
x-amz-cf-id: 9HOqASbgC6zLS8Y91bUHiBGQ90SP8Rd8Ph2_CjfEqC6hzbYYd0HJbQ==
expires: 0

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 7050 320 KB
104 KB 47ms
47ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fgheed.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F704) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 384321
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Oct 2022 01:06:47 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 222ms
71ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gheed.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 14:37:45 GMT
x-content-type-options: nosniff
age: 296942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 14:37:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 253ms
109ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7430270068753912&plah=gheed.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

715c241044a0fe127bd6140a4e1d34271e9ababd1e7f62c359d39f9fb08c8f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118729
x-xss-protection: 0
server: cafe
etag: 10651871016089944621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Oct 2022 01:06:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/ Frame 6477 10 KB
5 KB 223ms
71ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 21255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:12:32 GMT
etag: 9671129459699598864
expires: Mon, 31 Oct 2022 19:12:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0898 42 KB
21 KB 240ms
94ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=fi&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=tli67wo2352i

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e5ef2849720f0f57ee42182907a2a99dbeca9052ffa95eb8e60e550dd27e694

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5t8IhJPFq6n4CPdEntWKIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21980
content-security-policy: script-src 'report-sample' 'nonce-5t8IhJPFq6n4CPdEntWKIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 01:06:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 gheed-logo-04-04.svg
gheed.com/static/assets/images/ 3 KB
1 KB 65ms
64ms Image
image/svg+xml 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/gheed-logo-04-04.svg
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5cb367f29a4f8ab0ff7b0b64558bd2b5893a8e6999cb9ac934389206c60e5c49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:10:03 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:02 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 75903
etag: W/"a60-182d58816d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 941
x-amz-cf-id: h4ddZuIpMAEh5m7ba0ZoNrM3hQ7MqwmYwkn-0JuNW3nF9m500Kpc-A==

GET
H2 200 icomoon.ttf
gheed.com/static/assets/fonts/ 19 KB
10 KB 65ms
65ms Font
font/ttf 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/assets/fonts/icomoon.ttf?4mwllp
Requested by: Host: gheed.com
URL: https://gheed.com/static/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a8f966928d56817417b1ba8124f61f066febcc2fceedc04ec039868709a201ed

Request headers

Referer: https://gheed.com/static/assets/css/fonts.css
Origin: https://gheed.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:33:27 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:01 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 74091
etag: W/"4a80-182d58812e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: GYCyrqni8Lb2-IPFbxwJN9PFm08lbfG7Eq-AfIDW0W2q4V9R54Im0w==

GET
H2 200 g-rvJ8 Show response
gheed.com/prod/raffles/ 3 KB
3 KB 193ms
193ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/raffles/g-rvJ8
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 58814492f015c2222240c49cc7652344fa82b940a8e4cf20a7fbca0861014d18

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2719
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 7a1fa876-2f70-4409-98a1-be18440afe04
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWSFi_FiAFf2Q=
content-length: 2719
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-7c8dd6b02a63662d66c0bc75;Sampled=0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: 2LD6UtdH3yhpb9HxH24poy1PSYik-PMqNFyJguGTD8FQIgxo0Dhsbw==
expires: 0

GET
H2 200 prizes Show response
gheed.com/prod/raffles/ 529 B
1 KB 436ms
436ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/raffles/prizes?id=g-rvJ8
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 72a5fbeb40e9bc121537a6e160fe4dfabfa4910e98d3656f71a39ce7b6c4cf20

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 529
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 046c94bb-ad21-42e0-becc-836f0bfd8189
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWSEPHFiAFopw=
content-length: 529
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-4dfd982510de242302ee6c46;Sampled=0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: tuRtDpNQSc6K0FKVkZnsqYOc7bPFokLOwB1p-rh1xBhD3kW4okYDjg==
expires: 0

GET
H2 200 ways Show response
gheed.com/prod/raffles/g-rvJ8/ 3 KB
3 KB 149ms
149ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/raffles/g-rvJ8/ways
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 635cd4d780224954603f204c7fb194d4de3c92ec5a3250613510b2412b6c6a41

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2644
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: d0ea416f-cd6c-4909-936c-e6a70c50201a
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWSFevFiAFppg=
content-length: 2644
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-2dc7fc792e174a3b2410f14f;Sampled=0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: FqZoyPlCcv9bZVX1YKll1NGdUekiKRG_EnHFfwxmsA7WilnpRoxbSA==
expires: 0

GET
H2 200 coupons Show response
gheed.com/prod/raffles/g-rvJ8/ 37 B
556 B 116ms
116ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/raffles/g-rvJ8/coupons?language=en
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 4c58a86fd8c7a2bb567307dba18767342499e50a86633b3321a34c9465d741c0

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 37
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 2255c050-396e-43c4-8539-b333d3f92482
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWSEIqliAFbLg=
content-length: 37
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-0d4002000513f3c30b3bebf1;Sampled=0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: rb05Je3fHPESTNt496se4QblZmq3D9mHjs4gGPktqiviGE-5WH7n8A==
expires: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7050 851 B
677 B 312ms
171ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=70b3ba5501b9d46a69392fefa007ec628ae4696c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fgheed.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 18 Oct 2022 01:06:47 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 18 Oct 2022 01:06:48 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9c3dcfc412bfe4b0
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: f7927522526fa8eda135c95339cd8f4a3fc91a497f8dabf17ffb0fc41fd82f01
content-length: 355

GET
H2 200 a2360690e481ed6ab59c.worker.js
gheed.com/static/js/ 16 KB
4 KB 65ms
65ms Other
application/javascript 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/js/a2360690e481ed6ab59c.worker.js
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3249ff219f7e4f07589c4c7596beb9f689b00dabc9155733227785da33ebf203

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 03:57:05 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 15:04:57 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 76185
etag: W/"3fcd-182d588eda8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3281
x-amz-cf-id: F_AXgbj__dB5aQDmYu74PmGILe2NCQIWoliM6IHBB6Q3MMfRA5ha-A==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 0898 52 KB
24 KB 216ms
72ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=fi&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=tli67wo2352i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 16:48:18 GMT

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 0898 395 KB
157 KB 250ms
106ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__fi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b00f49a68665fcb3562a58ec95e9314c2eb6513c5b29cfcc870fa453436beba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161079
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 21:17:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 223ms
78ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1761811786&t=pageview&_s=1&dl=https%3A%2F%2Fgheed.com%2Fgiveaways%2Fg-rvJ8&dp=%2Fgiveaways%2Fg-rvJ8&ul=en-us&de=UTF-8&dt=Giveaways%3A%20Detail%20%40%20GHEED&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=1941201175&gjid=413533188&cid=1365006615.1666055208&tid=UA-119779375-1&_gid=489911350.1666055208&_r=1&_slc=1&z=1819845036

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gheed.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 01:06:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gheed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
694 B 237ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gheed.com&callback=_gfp_s_&client=ca-pub-7430270068753912&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7430270068753912&plah=gheed.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce821a0ab47967b016ece28e72ab982b8fd58639f5c033dc919aadd219f120a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
792 B 277ms
81ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=gheed.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 250ms
82ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gheed.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
106ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgheed.com%2Fgiveaways%2Fg-rvJ8&tn=DIV&cls=sc-bbmXgH%20cmgFux%20mui-fixed&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Oct 2022 01:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C852 603 B
68 B 238ms
92ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7430270068753912&output=html&adk=1812271804&adf=3025194257&lmt=1666055208&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgheed.com%2Fgiveaways%2Fg-rvJ8&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666055207738&bpp=3&bdt=870&idt=418&shv=r20221013&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3233892354230&frm=20&pv=2&ga_vid=1365006615.1666055208&ga_sid=1666055208&ga_hid=1761811786&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531705%2C44774292&oid=2&pvsid=3221281898720215&tmod=1823549315&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=440

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 01:06:48 GMT
expires: Tue, 18 Oct 2022 01:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK original.jpg
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/system/backgrounds/3fc63570-020d-4f45-ba79-56894dd6d206/ 558 KB
558 KB 251ms
109ms Image
image/jpeg 52.219.72.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/system/backgrounds/3fc63570-020d-4f45-ba79-56894dd6d206/original.jpg
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4ddd24a42e839ef5449c466eb475b1609b83446c4de9965ee72f4d55dce308d6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:49 GMT
Last-Modified: Tue, 17 Jul 2018 12:37:26 GMT
Server: AmazonS3
x-amz-request-id: W2EEEXM2XSE0J2CA
ETag: "dd51385152cee3478b11d2ab0528287f"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 571131
x-amz-id-2: 8i9Gjo7htklZlI6qSuSn+ImI6SQlsfIEuvSJ7S8z0FlPJd1AdWZlekbhIASL9Gzzdp/AZcqsAgY=

GET
H2 200 37eaa244-980e-4801-a636-ef4d31f09393
gheed.com/prod/images/ 24 KB
25 KB 163ms
162ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/37eaa244-980e-4801-a636-ef4d31f09393?variant=original
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 84d778fd52d988a590f2bbb985c8eae943b1534e6cc87572aacfe6722dd0c000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 24858
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: eda9c374-d502-4f1a-9642-3b9a8100afea
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWUFGOFiAFgeA=
content-length: 24858
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-6faac35c4499f8c75a8776be;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: FzdG9zRGHzMRQkkxi0--JDuMjwY5e_PWLA79yPRcPqBuzB-iI-Ik3A==
expires: 0

GET
H2 200 7cdcc289-f2c3-4b0d-a13a-313012947539-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 49 KB
50 KB 266ms
108ms Image
image/png 2600:9000:2394:fe00:19:f28c:cd8e:cd41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/7cdcc289-f2c3-4b0d-a13a-313012947539-profile_image-300x300.png
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:fe00:19:f28c:cd8e:cd41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 671b98ed3c5ede905fc36718af143af34dc9ea87b2a6804bf089fed4e0da9dd4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 128
x-cache: Hit from cloudfront
content-length: 50659
last-modified: Fri, 31 Dec 2021 21:00:15 GMT
server: nginx
etag: "8cb2265a6e75eda17f7a9a16774bbd84"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: jw3dw-mmuMNGv1s20gbGe2Cqj3zDEln-vqUXLgvr6JfAFTQg1FuIsw==
expires: Tue, 18 Oct 2022 05:04:40 GMT

GET
H2 200 mostpopular Show response
gheed.com/prod/raffles/active/ 30 KB
31 KB 1294ms
1294ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/raffles/active/mostpopular?limit=20&mode=preview&featured_included=true
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 602ece7c38b082e2c513967165fe7b3568df743d6a14ee02169cd19ea5ff9dd4

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 31165
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 9afe7fa2-ecc2-45fb-affd-aaa5aaec78e1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWUHEIFiAFusQ=
content-length: 31165
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-192b707e72ecc42e1f74ac6d;Sampled=0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: ndWG-fhY8K59UzCzDqOT9TQHJuWI3olJgHvHZBL6a67cg9C4iVmdEA==
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 253ms
79ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-119779375-1&cid=1365006615.1666055208&jid=1941201175&gjid=413533188&_gid=489911350.1666055208&_u=KEBAAEAAAAAAACAAI~&z=228330445

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gheed.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Oct 2022 01:06:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gheed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d70297ea-a3d7-413c-acee-16c7327a0cf8
gheed.com/prod/images/ 85 KB
86 KB 132ms
132ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/d70297ea-a3d7-413c-acee-16c7327a0cf8?variant=undefined
Requested by: Host: gheed.com
URL: https://gheed.com/giveaways/g-rvJ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: eb098df4032d48f47b122b8faad3d0cc35a280815b36a6fb03955c5df814f8eb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 87157
x-amz-cf-pop: FRA56-C1, FRA56-P2
x-amzn-requestid: 7a878059-606b-4c86-8dab-ac482c53a3c5
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWXG0uliAFcHA=
content-length: 87157
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc28-62ca2a132df964c8277a2e47;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: Gv2uS-GrkYvSacfYb5Ff_HlvtmHCvIkO0JWGO3Qd7BuaPhLOhlbviA==
expires: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0898 2 KB
2 KB 71ms
71ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 540420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 18 Oct 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0898 15 KB
15 KB 218ms
73ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 547207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Oct 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0898 15 KB
15 KB 216ms
71ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 9929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0898 102 B
134 B 81ms
81ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=vP4jQKq0YJFzU6e21-BGy3GP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24c4d14c4ac1c48c54655df941b69daebdad9792837333cbcf86f57c76a90a40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=fi&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=tli67wo2352i
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 01:06:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 233ms
86ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221013&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d50693b0126f9439fbfb26d10f40828047a8b1f92551e241e19b9353ca4862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11150
x-xss-protection: 0

GET
H2 200 categories Show response
gheed.com/prod/ 2 KB
3 KB 70ms
67ms XHR
application/json 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/categories
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 84dd8d71b036cbe1ef3e4ae52117f15aaca29130b47d883933b0048b53a45e78

Request headers

Accept: application/json
Referer: https://gheed.com/giveaways/g-rvJ8
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:05:20 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2384
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 89
x-amzn-requestid: e6c844cd-2278-4a27-94a6-d100ca7dbbb8
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRIiEgxliAFeNA=
content-length: 2384
pragma: no-cache
x-amzn-trace-id: Root=1-634dfbd0-2c416ae8570a33c752c3d3f9;Sampled=0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: TYARo5LDBhfGA9ucVHTFETG-jOUT6LYquC9roAXJJ5106qEi65dtuA==
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 247ms
80ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 01:06:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECDC 13 KB
5 KB 223ms
71ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 12004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 21:46:45 GMT
expires: Tue, 17 Oct 2023 21:46:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD2F 783 B
534 B 83ms
82ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b32796ff85c88dbcab2ce6512ba70f357fd64ec9bf5555e7e0068c44fc650d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aP7B9r0oOq9cPQfbYrT2dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aP7B9r0oOq9cPQfbYrT2dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 01:06:49 GMT
expires: Tue, 18 Oct 2022 01:06:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD2F 0
0 106ms
105ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221013&jk=3221281898720215&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 0f6e875a-3a8a-475d-b4cf-1c8f5fd15733
gheed.com/prod/images/ 164 KB
165 KB 148ms
146ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/0f6e875a-3a8a-475d-b4cf-1c8f5fd15733?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: be5162d9ee97767705a8fd973ecf0d3c2d31c62d06359c10f3c5425528b69cbd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 168234
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 137086c0-5a4c-4e5e-9646-45a92dba78b4
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWhHNyFiAFhUA=
content-length: 168234
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-431b16d1271d2c9964366bf7;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: 4lDauhOhsOS_lvfUtrnKCZDK0eol9_siPVGAsLGp_y5F6SOFwf93vQ==
expires: 0

GET
H/1.1 200
OK original.jpg
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/1074f511-bba8-44d8-9ab4-bf313722c22a/ 9 KB
10 KB 77ms
77ms Image
image/jpeg 52.219.72.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/1074f511-bba8-44d8-9ab4-bf313722c22a/original.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f622524ca731b6d8f7d3b13a8f0dc1d2b91286013512ffe4bdf3d439f4a16994

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:50 GMT
Last-Modified: Mon, 20 Dec 2021 16:58:31 GMT
Server: AmazonS3
x-amz-request-id: PS0YTPCGNSX98KMW
ETag: "b7ffb4ca55d4e48e5a031da173ead627"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 9555
x-amz-id-2: BcRFQ8QHNl8bWrDJfpgUnByN1GDQjM5SPB24WdoysbNLvyHuo2Ha6L4U2dm0dT33ohP9ReYsi4Q=

GET
H2 200 591e501a-b529-4a9e-88f0-83af70b6dad3
gheed.com/prod/images/ 46 KB
47 KB 196ms
192ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/591e501a-b529-4a9e-88f0-83af70b6dad3?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 44835ce89d0f716b93f61b11a7565d000598944d8774207f3fd22ed63c5c1380

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 47218
x-amz-cf-pop: FRA56-C1, FRA56-P2
x-amzn-requestid: 280b6811-e86e-4547-a79c-92c58e60abe8
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiEa5FiAFQ-Q=
content-length: 47218
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-59a4e0a005a692fc701a5601;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: UhrQCwxykqx1asgAANZDfw648_-MK2nyWAYSzmtx7PQngvbtnFihRw==
expires: 0

GET
H/1.1 200
OK original.jpg
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/5dd4cea7-f08a-4496-8825-dae8151e86c9/ 12 KB
12 KB 156ms
77ms Image
image/jpeg 52.219.72.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/5dd4cea7-f08a-4496-8825-dae8151e86c9/original.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c21a4eb2bed08302b584c7b3915b9cedf22218e93d65978ebf9b4cf3bd954de6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:50 GMT
Last-Modified: Thu, 13 Oct 2022 13:51:30 GMT
Server: AmazonS3
x-amz-request-id: PS0RAC18RH0W4BED
ETag: "949c7b9f7871e0ec0e2f3d06d2157408"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 11975
x-amz-id-2: dZ5fGKnA9l2uYYu63uCrkswSJo/hfbO1JnYC6f7gO2EUrBjudhtZnyKcJLjy3uB7iVNnMkrSDGQ=

GET
H2 200 48004026-c52d-450b-9e59-4845f006e7ea
gheed.com/prod/images/ 483 KB
484 KB 225ms
221ms Image
image/png 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/48004026-c52d-450b-9e59-4845f006e7ea?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: e1b678b8340a35b520a970e8425b071b0913708cc77caa349d8a1e6d74ac10d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 494918
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: f49404e1-79ee-4f9b-ab27-b7391004498f
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiHNwFiAFWNw=
content-length: 494918
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-63e04918631dc32238f3a035;Sampled=0
content-type: image/png
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: CQigha7kNLFxq6KQuMNq0hE3z_6Ch5wTMHdx48NjSHvM92lCgPnbww==
expires: 0

GET
H2 200 e087ed3a-0530-46df-8b81-208e309e5899-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 10 KB
11 KB 82ms
79ms Image
image/png 2600:9000:2394:fe00:19:f28c:cd8e:cd41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/e087ed3a-0530-46df-8b81-208e309e5899-profile_image-300x300.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:fe00:19:f28c:cd8e:cd41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1ae7972581ced54424e9da6c1c0f19faeb053426c136eead1ccace3dd957d0f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:08:21 GMT
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 10708
x-cache: Hit from cloudfront
content-length: 10429
last-modified: Wed, 20 Jan 2021 15:25:41 GMT
server: nginx
etag: "4e05bbd84d3d8b37ee43a82fc7606768"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: mUGUhPk95EU8Dyhjh8TWhakM8yWHK8J3VkQTX9iKFr5ZgPDuZ4e7mA==
expires: Tue, 18 Oct 2022 02:08:21 GMT

GET
H2 200 cfa34a69-810e-488f-a31b-167cfa488f9b
gheed.com/prod/images/ 376 KB
377 KB 198ms
195ms Image
image/png 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/cfa34a69-810e-488f-a31b-167cfa488f9b?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 431ef0d6abb4315d170e6cf9f39c30477af26c63b126e4ce7d60ed1b918b6780

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 384868
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: d6266e1c-3d9c-425f-9a0a-d51b092b8d61
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiGWVFiAFScg=
content-length: 384868
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-1e18232c4163191005ef1426;Sampled=0
content-type: image/png
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: t6dzmmxg06BwA2MgvnroIcOCfhWeSlzKSTO6qErgSIaWladrN4lWfw==
expires: 0

GET
H/1.1 200
OK original.jpg
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/7f3d7243-11a3-45db-9fdd-b13ec77a7217/ 4 KB
5 KB 212ms
78ms Image
image/jpeg 52.219.72.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/7f3d7243-11a3-45db-9fdd-b13ec77a7217/original.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d6b77de982ecfd97886dead4dfd63dba867ce1321227751e9746b648546c31ce

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:50 GMT
Last-Modified: Mon, 03 Jan 2022 17:59:44 GMT
Server: AmazonS3
x-amz-request-id: PS0NF4HDGY8VV3YG
ETag: "237c2f992c2e95564defa686688b07b3"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4318
x-amz-id-2: P3VC52fcH4gHDLcWqrBL+NnxXCFDyn41Re2boAa0GFwDr9I/6rfYPZiVotRILEWxFC9RkySqVug=

GET
H2 200 3db39001-4af2-4de5-a8ed-ee960f61e711
gheed.com/prod/images/ 26 KB
27 KB 4969ms
4967ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/3db39001-4af2-4de5-a8ed-ee960f61e711?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 892975a8d7f240139ecfcdc6180e5a035ae3e9a91d514ed0ee12463a8338bb10

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:54 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 26901
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 8a899dfc-04ce-446e-812b-02a0d1191000
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiFMwliAFdyw=
content-length: 26901
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-048d534903a21f3a78315d72;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: WfY5HbJc-sROCHeze8-uFCbHa1dS-k2rSGUE3YbPlkbdhpVvJAnBhw==
expires: 0

GET
H2 200 2e14d8cd-63c1-400a-8b42-48659b26fbb3-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 117 KB
117 KB 87ms
85ms Image
image/png 2600:9000:2394:fe00:19:f28c:cd8e:cd41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/2e14d8cd-63c1-400a-8b42-48659b26fbb3-profile_image-300x300.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:fe00:19:f28c:cd8e:cd41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b964979933ebb6f7ad930843cda302a41031dd5e43cb14b3ecc370b23be31bc1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:49:01 GMT
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 8268
x-cache: Hit from cloudfront
content-length: 119350
last-modified: Tue, 20 Aug 2019 22:08:33 GMT
server: nginx
etag: "26d79c908e1a4ef1aff32fad24055132"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: GFEc3vgrYIhhEJKsqQAc1e3sHfB0GaWuVUb7cVXnDJqv3zJtL1j4iw==
expires: Tue, 18 Oct 2022 02:49:01 GMT

GET
H2 200 43756e68-4048-4531-9a44-2f86eba60784
gheed.com/prod/images/ 65 KB
65 KB 151ms
149ms Image
image/png 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/43756e68-4048-4531-9a44-2f86eba60784?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 6fe99bb6d6f1eefa9984ac289776a127e2abd4918f5b646ec73fd1f2bd159942

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 66340
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 652afb6d-73d9-450d-b4d6-4464c3ee4638
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiFvwliAFrzA=
content-length: 66340
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-3ef0c3ab5fb4d6291b8ee34e;Sampled=0
content-type: image/png
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: uDeIe1L3ENvt_TCH0EUIXXPib_9w-Iqsy3AxyumoCwrreOVdXlSE7Q==
expires: 0

GET
H/1.1 200
OK original.png
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/136d3862-21e2-4dcf-a410-2c7cbf5e8456/ 4 KB
4 KB 210ms
77ms Image
image/png 52.219.72.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/136d3862-21e2-4dcf-a410-2c7cbf5e8456/original.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6289be0c53b8faf3abc72de71de8b8bdb8e5dd86da138278e8d9d555a4c710b7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 01:06:50 GMT
Last-Modified: Mon, 05 Sep 2022 09:31:34 GMT
Server: AmazonS3
x-amz-request-id: PS0HRFXCRWW24JK2
ETag: "879a3a969fa7870ac2fe54197f1a22f1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3702
x-amz-id-2: 37DvwGlcBd+MR2/fWNlxqOhT2Ljoohvq0+9pmuAmk6j8CbOgTFoKQBeUQojnfCVjUib15EU3910=

GET
H2 200 5da7e355-6d67-4c37-8965-f64cca08daef
gheed.com/prod/images/ 19 KB
19 KB 141ms
139ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/5da7e355-6d67-4c37-8965-f64cca08daef?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: ca6d7f7d53c4788d42b9976026232701ada156acb5dbf536d957a9f26715579e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 19180
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 1ca945e4-e617-4969-a675-7e8b49fc3765
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiFuvFiAFmsw=
content-length: 19180
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-3efb64206f9496c51c9f75a4;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: XJoe7v0QWkTq-ny5iTSGg-rQDx30ohr91Xky5RCb1_Xtn_1_yXXGvg==
expires: 0

GET
H2 200 f4235fa1-3b60-4198-aabe-9a0e6046cbce-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 92 KB
92 KB 88ms
86ms Image
image/png 2600:9000:2394:fe00:19:f28c:cd8e:cd41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/f4235fa1-3b60-4198-aabe-9a0e6046cbce-profile_image-300x300.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:fe00:19:f28c:cd8e:cd41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ccaddf05652f5f4e2951b5526417f1faa12238220e2945cf5eeb7967d5ae2f2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 23:27:58 GMT
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 5931
x-cache: Hit from cloudfront
content-length: 93732
last-modified: Mon, 07 Jun 2021 16:03:30 GMT
server: nginx
etag: "abcd19a28bdfea0fde56dad6a3444777"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: y88ou_oqoZuTzZ2Ry5waiZEZjQrDWXwNa5BsGeoqGZ58aXW9KuYYsg==
expires: Tue, 18 Oct 2022 03:27:58 GMT

GET
H2 200 4a5d73fe-7660-4644-b633-ac9040ba86f8
gheed.com/prod/images/ 84 KB
85 KB 135ms
134ms Image
image/jpeg 18.66.97.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/4a5d73fe-7660-4644-b633-ac9040ba86f8?variant=520x416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-51.fra56.r.cloudfront.net
Software: /
Resource Hash: 770859dc67bbe80705742b4ab0ec67fa72d85d5a6184652b7af4ff8de97e5d05

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/giveaways/g-rvJ8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 86268
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: fbff2062-ec65-482a-8821-5973c6f0cf90
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: aLRWiEuXliAFVGg=
content-length: 86268
pragma: no-cache
x-amzn-trace-id: Root=1-634dfc29-73c0c13152f764aa19fabd4f;Sampled=0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: bNbzSL53YgyaZURIi8DlRsvmuF-fl9mIBwFNPFW9h1Ru1LWxAUdccA==
expires: 0

GET
H2 200 eb15fd9e-414f-43b6-a559-a06b88096fda-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 100 KB
100 KB 307ms
305ms Image
image/png 2600:9000:2394:fe00:19:f28c:cd8e:cd41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/eb15fd9e-414f-43b6-a559-a06b88096fda-profile_image-300x300.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:fe00:19:f28c:cd8e:cd41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a79504300981b28a1eb03f7ec15b1c508addee005fa6d72259f32098927b8cd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-length: 102100
last-modified: Wed, 08 Dec 2021 08:24:39 GMT
server: nginx
etag: "ff3baef8f0a57944a41c72e795ad1ed9"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: p9qUmfn85WBreVXRtFE5iji3Tx3Z5olhZ3tsG9e_Av-Xb0XNNVsqVw==
expires: Tue, 18 Oct 2022 05:06:49 GMT

GET
H3 200 cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js Show response
pagead2.googlesyndication.com/bg/ Frame ECDC 36 KB
16 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cfKUDseLxMX_VMI_uao_rq0MKOaeCrg8GZjSFxmotG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 19:42:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ECDC 0
10 B 71ms
70ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z2iiBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:06:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
109ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221013&jk=3221281898720215&bg=!0NOl05fNAAYeOJy_Pjg7ACkAdvg8WnooqRJuKmNSkRm-6eYQXJ79paJChhfCZ8ipH8AeNH545JmiwAIAAAB_UgAAAAloAQcKAGMvQlHwhFRULOByaD6dfvkiGYwqaJGCipMWt1TJKsjii-ASDthDkHmUF4WVBjKKuzECKVteH2v3iA2mAF7m1zphiVwa5scacjfwS8dmpWb5HBAiuVM_UJsFYZbD-nI23A7e1_WZApurwXfg_ZmQeOGGJmvKtx0LxoEk3LRwQ4K-b9Bm1mKGOPgsCmNSfqzRxgrwknqLBrrUm8jPJszeTrdNOJ0KF93zJCbJ-oi9mkhSVWs7_5DDZazOSE6DM4BNljkFC-wgptFHUZPVvz22w0RG2HDcaBKyZulPH2IpAVeG5Q1CO9xZ45uVvWpvYAcBCUjl7IrWSbAFH_HajKogJ-jhj3s-Xkc2bTn8mUU6dqTTg49yJeKRBe8kObg8JWYNb_sSs8kDWDt3nCUPdvvNjRqUfb-ZqrV1p_H2XdcNMuMvmCheu3MtxaEqaQASpIkRxv91Pag-rAGfuqTPwEyZ7kF96hF-HBy0ZaUx84PVpqnGlIeBRzlalRRIeFDBwWuFHgEfdZyVhGBVqvd4P0D18ilMiVXeIeYvcArzRhL1HAiugB6XvsK9G3J6U7NiRbB4XyuNrJCaGA6Xb6Ix4Xk2van9BKLc_JmVAKgNE6fScpbiqR96VSiJCafpFKUOiF6OCmGkYsMEAFtlfEVxaDiaqUgFj9susOZLLqVzP903E28xw8lYe9tJm7HyM6S3E-bCNfUGxbuMrIwHmDpyd7ybyG8IICjX2NYWpHS2jCGleQV_5Kde5Upo1scvEwA8nBPHXEnT1QvcitguPmbaCCojNzoydR-FSAE_OENneQRqSADOfj-8yU5nAYbuvsHxtKS002T9z6T9TxG6MlLjd7ME5HTtS1Xlu627ANbogSUud-F3IriWDES9NHAmuzrbBjj8HAdNPQKRHIqn1CnDQCp2qtGIh5AHLdr7ADYDJKmWTmvey1yCaZdVzuMHj96RJU3KSqCuc-tQr2Bd4GIjY_LUH4TP9MjpxdroynIOunin58SvAM5ZMFtG8QkKNNwxGH63G-Ol
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: o-5U-RhYIX0
.youtube.com/	1970-01-20 11:06:47	Name: VISITOR_INFO1_LIVE Value: ah8BvvL6Du0
.gheed.com/	1970-01-20 16:23:35	Name: _ga Value: GA1.2.1365006615.1666055208
.gheed.com/	1970-01-20 06:49:01	Name: _gid Value: GA1.2.489911350.1666055208
.gheed.com/	1970-01-20 06:47:35	Name: _gat Value: 1
.gheed.com/	1970-01-20 16:09:11	Name: __gads Value: ID=9cbbad8fa966e399-22a39fbf49ce00d9:T=1666055208:RT=1666055208:S=ALNI_MZl3Dgv5SfRF6Jwk3MVc6uJinun2g
.gheed.com/	1970-01-20 16:09:11	Name: __gpi Value: UID=0000088659406436:T=1666055208:RT=1666055208:S=ALNI_Mb0NsGjx4JLo2j1DOOjjg2V4SaXmg
.doubleclick.net/	1970-01-20 06:47:36	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fi
embed.twitch.tv
fonts.googleapis.com
fonts.gstatic.com
gheed.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
s3.eu-central-1.amazonaws.com
static-cdn.jtvnw.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.paypalobjects.com
www.youtube.com
104.244.42.200
151.101.2.133
18.66.97.51
199.232.138.167
2600:9000:2394:fe00:19:f28c:cd8e:cd41
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9b
52.219.72.84
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019fb44cafe54bd432a0f174ab70e7aae37e2998f0182c5e248e2d55319bd446
0e5ef2849720f0f57ee42182907a2a99dbeca9052ffa95eb8e60e550dd27e694
1b00f49a68665fcb3562a58ec95e9314c2eb6513c5b29cfcc870fa453436beba
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e9a45d0e1d5117dcf8afef7611e4b1bcce8601bf12b0f9323420c71233a06db
24c4d14c4ac1c48c54655df941b69daebdad9792837333cbcf86f57c76a90a40
2a79504300981b28a1eb03f7ec15b1c508addee005fa6d72259f32098927b8cd
3249ff219f7e4f07589c4c7596beb9f689b00dabc9155733227785da33ebf203
32edf2d7ce31a18cd919c12e7d51684640b6ef44c65b15da80beac7832ba4f1e
3c052c239f112d8a87865f56d70dfe3c0cd53ad2ac9e9c53f5697b06eb3d4a9c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
431ef0d6abb4315d170e6cf9f39c30477af26c63b126e4ce7d60ed1b918b6780
44835ce89d0f716b93f61b11a7565d000598944d8774207f3fd22ed63c5c1380
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4c58a86fd8c7a2bb567307dba18767342499e50a86633b3321a34c9465d741c0
4ddd24a42e839ef5449c466eb475b1609b83446c4de9965ee72f4d55dce308d6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58814492f015c2222240c49cc7652344fa82b940a8e4cf20a7fbca0861014d18
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b32796ff85c88dbcab2ce6512ba70f357fd64ec9bf5555e7e0068c44fc650d7
5c040af8bf974422f63c8a54c44b2eb23f80f9f01898d90e0455154cce9596d0
5cb367f29a4f8ab0ff7b0b64558bd2b5893a8e6999cb9ac934389206c60e5c49
602ece7c38b082e2c513967165fe7b3568df743d6a14ee02169cd19ea5ff9dd4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6289be0c53b8faf3abc72de71de8b8bdb8e5dd86da138278e8d9d555a4c710b7
635cd4d780224954603f204c7fb194d4de3c92ec5a3250613510b2412b6c6a41
671b98ed3c5ede905fc36718af143af34dc9ea87b2a6804bf089fed4e0da9dd4
67617a63e4b3c5921085d11b8db467f81262b155eb5a1cd6b189bafa80f4d108
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9af82f28d30f6fd57fdd31e7d502defeeae2f2b026e2f64b056fc569fbfc6e
6fe99bb6d6f1eefa9984ac289776a127e2abd4918f5b646ec73fd1f2bd159942
715c241044a0fe127bd6140a4e1d34271e9ababd1e7f62c359d39f9fb08c8f81
71f2940ec78bc4c5ff54c23fb9aa3faead0c28e69e0ab83c1998d21719a8b46f
72a5fbeb40e9bc121537a6e160fe4dfabfa4910e98d3656f71a39ce7b6c4cf20
770859dc67bbe80705742b4ab0ec67fa72d85d5a6184652b7af4ff8de97e5d05
7937515634952bb025522495658ecae400216c5c3b22592d313f1baa5922c9cc
84d778fd52d988a590f2bbb985c8eae943b1534e6cc87572aacfe6722dd0c000
84dd8d71b036cbe1ef3e4ae52117f15aaca29130b47d883933b0048b53a45e78
85d50693b0126f9439fbfb26d10f40828047a8b1f92551e241e19b9353ca4862
892975a8d7f240139ecfcdc6180e5a035ae3e9a91d514ed0ee12463a8338bb10
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8ccaddf05652f5f4e2951b5526417f1faa12238220e2945cf5eeb7967d5ae2f2
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9e7b1c3d14a6f4ae83d6903e1ca998accc6340c86db646945fc4f7ae41343cfb
a1ae7972581ced54424e9da6c1c0f19faeb053426c136eead1ccace3dd957d0f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a86020ec30fd3289673df20ba59b8d67104c3a0c48d09e9208169af1fb992fb6
a8f966928d56817417b1ba8124f61f066febcc2fceedc04ec039868709a201ed
aa6ea4dbf82068f55270e3dcfcc9353af725dde8c52a75e2523671a682ef83b4
aec539715dd6d27a2c98b2ccac35cf08801b412cf8ee2c6f9bed1a904f8a7431
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b964979933ebb6f7ad930843cda302a41031dd5e43cb14b3ecc370b23be31bc1
be5162d9ee97767705a8fd973ecf0d3c2d31c62d06359c10f3c5425528b69cbd
c21a4eb2bed08302b584c7b3915b9cedf22218e93d65978ebf9b4cf3bd954de6
ca6d7f7d53c4788d42b9976026232701ada156acb5dbf536d957a9f26715579e
ce821a0ab47967b016ece28e72ab982b8fd58639f5c033dc919aadd219f120a0
d6b77de982ecfd97886dead4dfd63dba867ce1321227751e9746b648546c31ce
d716c97ecb7fdf23a8e7d9a8f58590a7978db39aed5d8f8dc091e227a4d6e313
dfdcc2bd0f3e869c5be6e5a6b300a4a5519bb7e6f2b5aad0744acaeee2c30bc3
e1b678b8340a35b520a970e8425b071b0913708cc77caa349d8a1e6d74ac10d8
e250dbda4c4c6fbdce8a2ba3ab95a21ceadb9b870edfb29dc14dc7b1653c4231
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb098df4032d48f47b122b8faad3d0cc35a280815b36a6fb03955c5df814f8eb
f622524ca731b6d8f7d3b13a8f0dc1d2b91286013512ffe4bdf3d439f4a16994
f6ac4c7dee0700961ca2565b269df2b9a806e198b912a12fb48e60fd96c37979
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

gheed.com Open in urlscan Pro 18.66.97.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

75 %IPv6

15 Domains

20 Subdomains

20 IPs

3 Countries

4119 kBTransfer

7885 kBSize

8 Cookies

5 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gheed.com Open in urlscan Pro
18.66.97.51 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

4119 kB
Transfer

7885 kB
Size

8
Cookies

76 HTTP transactions
0 data transactions