www.onegold.com Open in urlscan Pro
2606:4700::6812:17c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3mS6dNo
Effective URL:
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Submission: On March 17 via api (March 17th 2023, 5:43:26 pm UTC) from FI — Scanned from FI

Summary HTTP 53 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 53 HTTP transactions. The main IP is 2606:4700::6812:17c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onegold.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2022. Valid for: a year.

This is the only time www.onegold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 27	2606:4700::68... 2606:4700::6812:17c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.25.135 104.22.25.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
53	13

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:17c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.onegold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.25.135 (None, )

ASN13335 (CLOUDFLARENET, US)

www.shopperapproved.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	onegold.com 1 redirects www.onegold.com	494 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	551 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4452	95 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	29 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 783	304 B
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 1546	11 KB
2	shopperapproved.com www.shopperapproved.com — Cisco Umbrella Rank: 17571	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2135	22 KB
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 4831	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5069	255 B
53	12

	Domain	Requested by
27	www.onegold.com	1 redirects www.onegold.com az416426.vo.msecnd.net
6	www.gstatic.com	www.google.com www.gstatic.com
6	dev.visualwebsiteoptimizer.com	www.onegold.com dev.visualwebsiteoptimizer.com az416426.vo.msecnd.net
4	www.google.com	www.onegold.com www.gstatic.com www.google.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	ajax.aspnetcdn.com	www.onegold.com
2	www.shopperapproved.com	www.onegold.com
1	fonts.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	www.onegold.com
1	az416426.vo.msecnd.net	www.onegold.com
1	pro.fontawesome.com	www.onegold.com
1	fonts.googleapis.com	www.onegold.com
1	bit.ly	1 redirects
53	13

This site contains links to these domains. Also see Links.

Domain
thebullioncard.onegold.com
www.facebook.com
twitter.com
www.shopperapproved.com
support.onegold.com
www.youtube.com
apps.apple.com
play.google.com
www.bbb.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2023-02-04` - `2024-01-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Frame ID: A1240F2041AC2DF9E20CBA0F52BECA40
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&size=normal&cb=s6q0gfymvha8
Frame ID: 19ACBA7D8FD50721DF2F31605B22DC1C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku
Frame ID: 8D780E73C3FF9E97BD47A3D948292446
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OneGold™ | Register

Page URL History Show full URLs

https://bit.ly/3mS6dNo HTTP 301
https://www.onegold.com/join/8595c543f98c4157bf5c691000764b3e HTTP 302
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

53
Requests

100 %
HTTPS

62 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

1242 kB
Transfer

3703 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://thebullioncard.onegold.com/
Title: Apply Here.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OneGold-Inc-2039920932705225

Search URL Search Domain Scan URL

URL: https://twitter.com/OneGold_?lang=en

Search URL Search Domain Scan URL

URL: https://www.shopperapproved.com/reviews/OneGold.com/

Search URL Search Domain Scan URL

URL: https://support.onegold.com/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwkU3RnwvFxVJzVCVe8BJtw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/onegold/id1491393914?utm_campaign=OneGoldWeb&utm_medium=web&utm_source=onegold

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.onegold.ogapp.prod&hl=en_US&utm_campaign=OneGoldWeb&utm_medium=web&utm_source=onegold

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/ok/oklahoma-city/profile/gold-buyers/onegold-0995-90062095/#sealclick

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3mS6dNo HTTP 301
https://www.onegold.com/join/8595c543f98c4157bf5c691000764b3e HTTP 302
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.onegold.com/app/account/
Redirect Chain

https://bit.ly/3mS6dNo
https://www.onegold.com/join/8595c543f98c4157bf5c691000764b3e
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

56 KB
14 KB

206ms
178ms

Document
text/html

2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2242c8e7a3e677cdf00ab7a94851144802f0d2fcab9c7b127129607ce3ea8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7a9709945c6d376c-HEL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 17:43:18 GMT
pragma: no-cache
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
server: cloudflare
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7a9709914e81376c-HEL
content-length: 0
date: Fri, 17 Mar 2023 17:43:18 GMT
location: /app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
server: cloudflare
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 207ms
72ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db2df9b83da7ae87099495c1e14f9b94d416fa284ede72231aba757190884a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 17:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 17:27:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 17:43:18 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.11.2/css/ 159 KB
31 KB 160ms
76ms Stylesheet
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.11.2/css/all.css
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:18 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: K0RB11YECQ0S4X6W
age: 14890
x-amz-id-2: Ak7jiDwPIBVy1/YnXGVC0rX2UwxlX+6j2LkgMBVJsepffmZuHaXL8U+49hOv08T0uI8A6+rNSxs=
last-modified: Mon, 28 Jun 2021 17:02:27 GMT
server: cloudflare
etag: W/"0a4f9d4e59a60dc91ed451d57e4a8b80"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7a9709961fb5d96f-HEL

GET
H2 200 vendor.min.css
www.onegold.com/css/ 427 KB
61 KB 502ms
500ms Stylesheet
text/css 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/css/vendor.min.css

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4638788daa42a13d9224cc4b484d30c64f615d0c40994fdcb41c20c0948bf1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Mar 2023 08:09:20 GMT
server: cloudflare
etag: W/"1d94c152008135e"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7a9709958edf376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 site.css
www.onegold.com/css/ 32 KB
7 KB 467ms
465ms Stylesheet
text/css 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/css/site.css?v=iJP5BkkmRoZKtG5CmThKttI5FXnH-wgQL8y3YQHrkUw

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8ac7c11273dbe4cfd09fd584e1334e24bc8000023435e4129402011e15222cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 26 May 2022 08:51:42 GMT
server: cloudflare
etag: W/"1d870ddd1f49dea"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7a9709958ee5376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 certificate.js Show response
www.shopperapproved.com/seals/ 510 B
790 B 191ms
96ms Script
application/javascript 104.22.25.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shopperapproved.com/seals/certificate.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e933b42bf491d9ce08fc15ab1f7108601c87eee1582a7f497d2ac94a86c1c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options	sameorigin

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:18 GMT
content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
content-encoding: br
cf-cache-status: HIT
age: 23789
cf-polished: origSize=627
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 14 Mar 2023 07:37:27 GMT
server: cloudflare
etag: W/"273-5f6d74ca70161-gzip"
vary: Accept-Encoding,Origin
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a9709962a7416a1-ARN

GET
H2 200 og-logo.png
www.onegold.com/img/ 2 KB
2 KB 72ms
65ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/og-logo.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b45a5d2c62879d85e7cb267818d8682108d98a0327857eab927bd24abacc6a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=3054
x-powered-by: ASP.NET
content-disposition: inline; filename="og-logo.webp"
content-length: 1708
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Sep 2018 07:32:16 GMT
server: cloudflare
etag: "1d44bfd0f888bee"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991cf2376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 onegold.png
www.onegold.com/img/ 1 KB
1 KB 488ms
482ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/onegold.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ca65d5151df6908ffea047b8754c34a2890c4089cd81a7adc8922a05fdbf82a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1310
x-powered-by: ASP.NET
content-disposition: inline; filename="onegold.webp"
content-length: 1106
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Jan 2022 10:49:58 GMT
server: cloudflare
etag: "1d80c5922a08a1e"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991cf5376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 $5-Cash.png
www.onegold.com/cms/ReferAFRiend/ 6 KB
6 KB 481ms
475ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/ReferAFRiend/$5-Cash.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

90f4c4d96c3f7b707975d3ecaf93cee18394f0296bf274ed4bca421c87bab89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=14777
x-powered-by: ASP.NET
content-disposition: inline; filename="$5-Cash.webp"
content-length: 5836
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Nov 2020 16:27:21 GMT
server: cloudflare
etag: "1d6b1fe34394339"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991cf8376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 trust.png
www.onegold.com/cms/ReferAFRiend/ 4 KB
5 KB 482ms
476ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/ReferAFRiend/trust.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

99afc368ef14febb1d4755549716a7a6e2015f4a3eb03c47ecfbfcfb6db1cd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=13572
x-powered-by: ASP.NET
content-disposition: inline; filename="trust.webp"
content-length: 4498
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2019 18:36:12 GMT
server: cloudflare
etag: "1d4d514a3840304"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991cf9376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 Multi-People.png
www.onegold.com/cms/ReferAFRiend/ 14 KB
14 KB 489ms
483ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/ReferAFRiend/Multi-People.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

638a78b37948b4784dd47251fb6347bf76cedaa3e98e0b4d73931a421471c65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=40523
x-powered-by: ASP.NET
content-disposition: inline; filename="Multi-People.webp"
content-length: 13934
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2019 18:36:12 GMT
server: cloudflare
etag: "1d4d514a384a84b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991cfa376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 facebook.svg
www.onegold.com/lib/landkit/img/icons/social/ 624 B
462 B 486ms
481ms Image
image/svg+xml 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/lib/landkit/img/icons/social/facebook.svg

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

684a44378c34ba23a477d200a5ac69584adff0807d19a3259b1c4ae4bdf1db8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: W/"1d5d5c17a9fe270"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7a9709991cfc376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 twitter.svg
www.onegold.com/lib/landkit/img/icons/social/ 892 B
580 B 505ms
500ms Image
image/svg+xml 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/lib/landkit/img/icons/social/twitter.svg

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

80656dd29f781e4d9a51020efd9504f21bfb695a4fdd532ffbed3f7ccf4d6e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: W/"1d5d5c17a9fe37c"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7a9709991cfd376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 white-stats.gif
www.shopperapproved.com/newseals/29550/ 7 KB
7 KB 691ms
686ms Image
image/gif 104.22.25.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shopperapproved.com/newseals/29550/white-stats.gif

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.25.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47db28c94d729a6b2185c97814cb784ca20c92229fe10cee19c1b0dd444409c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options	sameorigin

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
cf-cache-status: EXPIRED
last-modified: Fri, 17 Mar 2023 15:40:42 GMT
server: cloudflare
x-frame-options: sameorigin
vary: Accept-Encoding,Origin
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
content-type: image/gif
cache-control: max-age=14400
cf-ray: 7a9709991f0f16a1-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 button-app.png
www.onegold.com/lib/landkit/img/buttons/ 7 KB
7 KB 485ms
480ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/lib/landkit/img/buttons/button-app.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c39ce856fbd7d31c75cb3ca6db838deaaac1c65ef9e9ae01e74f1ac2d3a849e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=21212
x-powered-by: ASP.NET
content-disposition: inline; filename="button-app.webp"
content-length: 7008
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9fb2dc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991d01376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 button-play.png
www.onegold.com/lib/landkit/img/buttons/ 10 KB
11 KB 505ms
501ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/lib/landkit/img/buttons/button-play.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ccc694d2d66c21c6a6e7211c2dd967b16934a39e682e68e9eab9de94eb7611cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=25385
x-powered-by: ASP.NET
content-disposition: inline; filename="button-play.webp"
content-length: 10738
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9f8329"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991d03376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 footer1.png
www.onegold.com/img/ 906 B
1 KB 516ms
511ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/footer1.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

716ff494c6e77fd5bfa3173742fded445560ed6aa8caa0bf767099dac948a958

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1800
x-powered-by: ASP.NET
content-disposition: inline; filename="footer1.webp"
content-length: 906
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9fe708"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991d06376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 footer3.png
www.onegold.com/img/ 1 KB
2 KB 487ms
483ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/footer3.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e30ff67776083878ce063bf77fa9ef3bb7452eb8022cb9afa5e1bb874845fc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2919
x-powered-by: ASP.NET
content-disposition: inline; filename="footer3.webp"
content-length: 1508
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9feb67"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991d07376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 footer4.png
www.onegold.com/img/ 2 KB
2 KB 516ms
512ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/footer4.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

aa3d7067feeb4122002dc864a62e96840f2a295305cb629534dd8853db4907e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3940
x-powered-by: ASP.NET
content-disposition: inline; filename="footer4.webp"
content-length: 2202
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9fef64"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991d08376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 footer5.png
www.onegold.com/img/ 3 KB
3 KB 486ms
482ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/footer5.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5653c4a03c9bbcf7dc1d3d00f49e42c9ffa4f74903495335093d06e617fffa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3881
x-powered-by: ASP.NET
content-disposition: inline; filename="footer5.webp"
content-length: 2752
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9fef29"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709991d0a376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 email-decode.min.js Show response
www.onegold.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 39ms
38ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:30 GMT
server: cloudflare
etag: W/"6407c11e-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7a9709987bfa376c-HEL
expires: Sun, 19 Mar 2023 17:43:19 GMT

GET
H2 200 vendor.min.js Show response
www.onegold.com/js/ 893 KB
237 KB 494ms
484ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/js/vendor.min.js?v=ApJLs6Siu_C1pGoOrg29xkBMU20aFEEzBF5m1gstfAQ

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

02924bb3a4a2bbf0b5a46a0eae0dbdc6404c536d1a144133045e66d60b2d7c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Mar 2023 08:09:20 GMT
server: cloudflare
etag: W/"1d94c1520034b09"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a970998dc8c376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 all.min.js Show response
www.onegold.com/js/ 38 KB
8 KB 459ms
458ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/js/all.min.js?v=c3AkHhEsoxGNwbjPiYTallsjhNcutIBwOlbfTH-P9FQ

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7370241e112ca3118dc1b8cf8984da965b2384d72eb480703a56df4c7f8ff454

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Mar 2023 08:09:20 GMT
server: cloudflare
etag: W/"1d94c15200e2fcb"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a970998ecba376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 common.js Show response
www.onegold.com/js/ 13 KB
2 KB 65ms
59ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/js/common.js?v=PmcPr3pQWvH2AlZn82fKyWBP6K1uezloxoPs9x4yUrM

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3878d16e63d984ff40cd135fb381097c7829e84e694165e5221b113eca6f9227

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 10 Feb 2023 10:01:16 GMT
server: cloudflare
etag: W/"1d93d369d418bc4"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a9709990ced376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 233ms
72ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f8075544f468da6db8bdc3dd7df5f871a4f78efd1e4e18e2efefaef5579baa5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 17 Mar 2023 17:43:19 GMT

GET
H2 200 jquery.validate.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 21 KB
9 KB 203ms
40ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F7A2) /

Resource Hash

2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23301670
x-cache: HIT
content-length: 8518
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:42:30 GMT
server: ECAcc (ska/F7A2)
etag: "54f11b72d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/ 5 KB
3 KB 205ms
42ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F7B8) /

Resource Hash

13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11368791
x-cache: HIT
content-length: 2475
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:43:24 GMT
server: ECAcc (ska/F7B8)
etag: "53b63b92d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
4 KB 165ms
71ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=574420&u=https%3A%2F%2Fwww.onegold.com%2Fapp%2Faccount%2Fregister%3FreferralCode%3D8595c543f98c4157bf5c691000764b3e%26cb%3D1&f=1&r=0.7349571621769593
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e8ce8d8de3d5e8780df4beaaaf04030a7c8dafcdcc4ee5c4024e3c6c0f40e38c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:18 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1679030502"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Avenir-Medium.otf
www.onegold.com/lib/dashmix/fonts/dg/ 60 KB
32 KB 472ms
472ms Font
font/otf 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/lib/dashmix/fonts/dg/Avenir-Medium.otf

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/css/vendor.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

76294ce7aff1b11591024f02b45e7c849b6a6bf1fabd128a2ad4852720016f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.onegold.com/css/vendor.min.css
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Jul 2018 05:25:36 GMT
server: cloudflare
etag: W/"1d41d8e9735a7a0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 7a9709992d11376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 HKGroteskPro-Regular.woff2
www.onegold.com/lib/landkit/fonts/HKGroteskPro/ 38 KB
38 KB 477ms
477ms Font
font/woff2 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/lib/landkit/fonts/HKGroteskPro/HKGroteskPro-Regular.woff2

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/css/site.css?v=iJP5BkkmRoZKtG5CmThKttI5FXnH-wgQL8y3YQHrkUw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d5dd5c6b3e9350e861db9d3ab7e4474f01a016c785f1aa114eb997d65689567d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.onegold.com/css/site.css?v=iJP5BkkmRoZKtG5CmThKttI5FXnH-wgQL8y3YQHrkUw
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-length: 38644
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9f76f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709992d19376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 HKGroteskPro-Medium.woff2
www.onegold.com/lib/landkit/fonts/HKGroteskPro/ 38 KB
38 KB 485ms
484ms Font
font/woff2 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/lib/landkit/fonts/HKGroteskPro/HKGroteskPro-Medium.woff2

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/css/site.css?v=iJP5BkkmRoZKtG5CmThKttI5FXnH-wgQL8y3YQHrkUw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b4e244a11e64feea769fb9ca70981932aed7d829386245ff8198a0a6e16ea0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.onegold.com/css/site.css?v=iJP5BkkmRoZKtG5CmThKttI5FXnH-wgQL8y3YQHrkUw
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-length: 39252
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
last-modified: Tue, 28 Jan 2020 09:58:24 GMT
server: cloudflare
etag: "1d5d5c17a9f7954"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a9709992d1d376c-HEL
expires: Fri, 17 Mar 2023 21:43:19 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 166ms
38ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F773) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1271
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (ska/F773)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a45aa347-f01e-009d-52f5-58a0e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 17 Mar 2023 18:13:19 GMT

GET
H3 200 tag-b3dcc1fd78c0c11dc7348207f590d385.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 174 KB
49 KB 106ms
68ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-b3dcc1fd78c0c11dc7348207f590d385.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=574420&u=https%3A%2F%2Fwww.onegold.com%2Fapp%2Faccount%2Fregister%3FreferralCode%3D8595c543f98c4157bf5c691000764b3e%26cb%3D1&f=1&r=0.7349571621769593
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: ca0ef49850f90adf5678569895c4361ea50daa2387f414595359c890aec00cd8

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:18 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Mar 2023 05:21:30 GMT
server: gams1
etag: "6413f8da-c2fa"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49914

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 157ms
151ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=574420&d=onegold.com&u=DC73F8EA87DEFFE35F25937DE260DF8CD&h=b4888e5b037aa5cbd9917c71f313711b&t=false&r=0.30448743315166116

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 17:43:18 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 tag-15982a1a4f8fd2c58147c8ebdd62cac6.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 107 KB
27 KB 70ms
69ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-15982a1a4f8fd2c58147c8ebdd62cac6.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-b3dcc1fd78c0c11dc7348207f590d385.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: eca981a9095b5b7b891bfb703c8e8396ca0ead19db99073a9ec2634c7f66d959

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Mar 2023 05:21:29 GMT
server: gams1
etag: "6413f8d9-6c42"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27714

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 83ms
73ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=574420&settings_type=1&vn=7.0&exc=2|20
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-b3dcc1fd78c0c11dc7348207f590d385.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 2d6374aa0da7c0690792e2c916b953d959063c3ca1ef80aec77c585b1223c52e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1679030502"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 71ms
71ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Mar 2023 05:21:29 GMT
server: gams1
etag: "6413f8d9-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 115ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6039262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFC3XV8wfRTNB3MkG0oXDJ0PMFS3YrPCcYVDgLP1BBpC6cPvhlyV4%2F%2BsHyBnNozodBHdGuhydtcQlnhL2NrOWI55A7dCCKtYJsJPRVf06axC6rlR5cKLPz72H9%2BJZfW15KOj%2Fx36x0VhIHiKyMn56xEr"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a97099d78aad95f-HEL
expires: Wed, 06 Mar 2024 17:43:19 GMT

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ 405 KB
162 KB 261ms
71ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b3cf08497202d4d3af1133aad0064a9ffedeff64a152f4913fc5e659ddeb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165320
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 16:26:51 GMT

GET
H2 200 getspotprices Show response
www.onegold.com/ 1 KB
717 B 191ms
190ms XHR
application/json 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/getspotprices?_=1679074999804

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8b3d8bdc63dda34995f488fe57a6b4b2d339a6924ed763875dc43e59a180ec3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
X-Requested-With: XMLHttpRequest
Request-Id: |Dgk5d.68h6V
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:20 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cf-ray: 7a97099d5ca7376c-HEL
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1

GET
H2 200 getspotprices Show response
www.onegold.com/ 1 KB
505 B 454ms
453ms XHR
application/json 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/getspotprices?_=1679074999805

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8b3d8bdc63dda34995f488fe57a6b4b2d339a6924ed763875dc43e59a180ec3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
X-Requested-With: XMLHttpRequest
Request-Id: |Dgk5d.8qFBy
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:20 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cf-ray: 7a97099d5cac376c-HEL
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1

GET
H2 200 green-arrow.svg
www.onegold.com/img/arrows/ 474 B
476 B 483ms
483ms Image
image/svg+xml 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/arrows/green-arrow.svg

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3ddc68bafa44825caddd89dcfe3e27330e4a0266c178bb6bba5a3ab14dc75a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Fri, 17 Mar 2023 17:43:20 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Jan 2019 08:54:16 GMT
server: cloudflare
etag: W/"1d4a72fbbffedda"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7a97099e9e62376c-HEL
expires: Fri, 17 Mar 2023 21:43:20 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 19AC 48 KB
27 KB 109ms
73ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&size=normal&cb=s6q0gfymvha8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__fi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90b05b4cb82a03cbc268ec3131e842dcc2dc01d41927e9546cb2af73932dc6b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6NgRcJN9UjhSA03iGpx5ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26669
content-security-policy: script-src 'report-sample' 'nonce-6NgRcJN9UjhSA03iGpx5ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 17:43:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 19AC 55 KB
24 KB 193ms
61ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&size=normal&cb=s6q0gfymvha8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 14:34:41 GMT

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 19AC 405 KB
161 KB 231ms
100ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__fi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b3cf08497202d4d3af1133aad0064a9ffedeff64a152f4913fc5e659ddeb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165320
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 16:26:51 GMT

GET
DATA 200
OK truncated
/ Frame 19AC 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 19AC 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 19AC 2 KB
2 KB 142ms
77ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 15:21:16 GMT
x-content-type-options: nosniff
age: 8525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 24 Mar 2023 15:21:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 19AC 15 KB
16 KB 319ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 94577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 15:27:04 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 19AC 102 B
134 B 149ms
98ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2dba6e113fd28421e7bad58b88ebccf46728893214a56460e46dc312bca0803d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&size=normal&cb=s6q0gfymvha8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 17 Mar 2023 17:43:21 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8D78 7 KB
1 KB 228ms
159ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8aa6554d9788b9ff11da4b58353403487d46a47b8bc9d35366e1b9b3a0e43c00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-46OjOn_VFaTseam57mjB6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1118
content-security-policy: script-src 'report-sample' 'nonce-46OjOn_VFaTseam57mjB6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 17:43:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 8D78 55 KB
24 KB 126ms
66ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 14:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 14:34:41 GMT

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 8D78 405 KB
161 KB 127ms
68ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b3cf08497202d4d3af1133aad0064a9ffedeff64a152f4913fc5e659ddeb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 16:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165320
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 16:26:51 GMT

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
304 B 251ms
227ms XHR
application/json 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62ec1da6c67166ec0ead1e8a985ab9ee9c8a82f57c68f3d7717f32234d8c2f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onegold.com/
accept-language: fi-FI,fi;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 536C31E6-FF11-431F-B326-3F845136EE37
strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 17:43:23 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 995ms
85ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.onegold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 17 Mar 2023 17:43:22 GMT
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 14:43:46	Name: _bit Value: n2hhHh-22e7285af4b9bcba86-002
www.onegold.com/	1970-01-20 12:34:10	Name: OG.Referal Value: 8595c543f98c4157bf5c691000764b3e
www.onegold.com/	1969-12-31 23:59:59	Name: BNI_OGBN Value: 9gtavQUQ3DqYTsdq_zAZ7ryJxm3O4gLntDUl4CtR3hh4pjOkVLDhS0DItniNqd2KFOllTDxQVpFOB69lGeaZmw==
.onegold.com/	1970-01-20 10:24:36	Name: __cf_bm Value: Nwx9mENvx_ar.PwD6PxjmOE2993tNxTdIwdJbUY6YN4-1679074998-0-AQU/Xb3b8Rp4QBqC+9mbx66NzI0q4sRM8p6hxXZmz1QBmbwiSe95OQGqlLXJa0cHb25s1Dwkpvo4B4AKTDCtX8U=
www.onegold.com/	1969-12-31 23:59:59	Name: og_x-xsrf Value: CfDJ8Df4EPmclFpFihcibN8Kl1kKgybcYwTf7o05JYW4YMnAMhGcPPGkP1xCYHGQaep-nRnioiuHfadzjXEizKbSzgY648H42Y-XmdM-G8r9SGpqGHm6uuxqSXIfGkIvwS72l9sGf5BWQIkcqlOSqH7H7es
.onegold.com/	1970-01-20 19:11:37	Name: _vwo_uuid_v2 Value: DC73F8EA87DEFFE35F25937DE260DF8CD\|b4888e5b037aa5cbd9917c71f313711b
www.onegold.com/	1970-01-20 19:10:10	Name: ai_user Value: mbuAP\|2023-03-17T17:43:19.478Z
www.onegold.com/	1970-01-20 10:24:36	Name: ai_session Value: vtiKl\|1679074999483.5\|1679074999483.5
.onegold.com/	1970-01-20 12:48:34	Name: _vis_opt_s Value: 1%7C
.onegold.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.onegold.com/	1970-01-20 20:00:34	Name: _vwo_uuid Value: DC73F8EA87DEFFE35F25937DE260DF8CD
.onegold.com/	1970-01-20 10:24:36	Name: _vwo_sn Value: 0%3A1
.onegold.com/	1970-01-20 11:50:58	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241679074998%3A15.81836693%3A%3A%3A20_0%2C2_0%3A0
www.onegold.com/	1970-01-20 10:38:59	Name: nl-cid Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
az416426.vo.msecnd.net
bit.ly
cdnjs.cloudflare.com
dc.services.visualstudio.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
pro.fontawesome.com
www.google.com
www.gstatic.com
www.onegold.com
www.shopperapproved.com
104.22.25.135
13.69.106.217
152.199.19.160
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
2606:4700::6812:1734
2606:4700::6812:17c2
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2003
34.96.102.137
67.199.248.11
02924bb3a4a2bbf0b5a46a0eae0dbdc6404c536d1a144133045e66d60b2d7c04
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a
15b3cf08497202d4d3af1133aad0064a9ffedeff64a152f4913fc5e659ddeb36
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2242c8e7a3e677cdf00ab7a94851144802f0d2fcab9c7b127129607ce3ea8cd8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d6374aa0da7c0690792e2c916b953d959063c3ca1ef80aec77c585b1223c52e
2dba6e113fd28421e7bad58b88ebccf46728893214a56460e46dc312bca0803d
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4
3878d16e63d984ff40cd135fb381097c7829e84e694165e5221b113eca6f9227
3ddc68bafa44825caddd89dcfe3e27330e4a0266c178bb6bba5a3ab14dc75a7d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4638788daa42a13d9224cc4b484d30c64f615d0c40994fdcb41c20c0948bf1b2
47db28c94d729a6b2185c97814cb784ca20c92229fe10cee19c1b0dd444409c6
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5653c4a03c9bbcf7dc1d3d00f49e42c9ffa4f74903495335093d06e617fffa18
62ec1da6c67166ec0ead1e8a985ab9ee9c8a82f57c68f3d7717f32234d8c2f40
638a78b37948b4784dd47251fb6347bf76cedaa3e98e0b4d73931a421471c65e
684a44378c34ba23a477d200a5ac69584adff0807d19a3259b1c4ae4bdf1db8d
716ff494c6e77fd5bfa3173742fded445560ed6aa8caa0bf767099dac948a958
7370241e112ca3118dc1b8cf8984da965b2384d72eb480703a56df4c7f8ff454
76294ce7aff1b11591024f02b45e7c849b6a6bf1fabd128a2ad4852720016f93
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
80656dd29f781e4d9a51020efd9504f21bfb695a4fdd532ffbed3f7ccf4d6e77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa6554d9788b9ff11da4b58353403487d46a47b8bc9d35366e1b9b3a0e43c00
8ac7c11273dbe4cfd09fd584e1334e24bc8000023435e4129402011e15222cec
8b3d8bdc63dda34995f488fe57a6b4b2d339a6924ed763875dc43e59a180ec3c
90b05b4cb82a03cbc268ec3131e842dcc2dc01d41927e9546cb2af73932dc6b3
90f4c4d96c3f7b707975d3ecaf93cee18394f0296bf274ed4bca421c87bab89a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99afc368ef14febb1d4755549716a7a6e2015f4a3eb03c47ecfbfcfb6db1cd6c
aa3d7067feeb4122002dc864a62e96840f2a295305cb629534dd8853db4907e2
b45a5d2c62879d85e7cb267818d8682108d98a0327857eab927bd24abacc6a59
b4e244a11e64feea769fb9ca70981932aed7d829386245ff8198a0a6e16ea0f4
c39ce856fbd7d31c75cb3ca6db838deaaac1c65ef9e9ae01e74f1ac2d3a849e8
c3e933b42bf491d9ce08fc15ab1f7108601c87eee1582a7f497d2ac94a86c1c1
ca0ef49850f90adf5678569895c4361ea50daa2387f414595359c890aec00cd8
ca65d5151df6908ffea047b8754c34a2890c4089cd81a7adc8922a05fdbf82a3
ccc694d2d66c21c6a6e7211c2dd967b16934a39e682e68e9eab9de94eb7611cf
d5dd5c6b3e9350e861db9d3ab7e4474f01a016c785f1aa114eb997d65689567d
db2df9b83da7ae87099495c1e14f9b94d416fa284ede72231aba757190884a30
e30ff67776083878ce063bf77fa9ef3bb7452eb8022cb9afa5e1bb874845fc9c
e8ce8d8de3d5e8780df4beaaaf04030a7c8dafcdcc4ee5c4024e3c6c0f40e38c
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
eca981a9095b5b7b891bfb703c8e8396ca0ead19db99073a9ec2634c7f66d959
f8075544f468da6db8bdc3dd7df5f871a4f78efd1e4e18e2efefaef5579baa5c

www.onegold.com Open in urlscan Pro 2606:4700::6812:17c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

62 %IPv6

12 Domains

13 Subdomains

13 IPs

4 Countries

1242 kBTransfer

3703 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onegold.com Open in urlscan Pro
2606:4700::6812:17c2 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

62 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

1242 kB
Transfer

3703 kB
Size

14
Cookies

53 HTTP transactions
2 data transactions