www.onegold.com Open in urlscan Pro
2606:4700::6812:17c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3mS6dNo
Effective URL:
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Submission: On June 18 via api (June 18th 2023, 9:16:33 pm UTC) from FI — Scanned from FI

Summary HTTP 54 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 54 HTTP transactions. The main IP is 2606:4700::6812:17c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onegold.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2023. Valid for: a year.

This is the only time www.onegold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 25	2606:4700::68... 2606:4700::6812:17c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.24.135 104.22.24.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.19.8.217 3.19.8.217	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	13.69.106.88 13.69.106.88	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
54	15

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6812:17c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.onegold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.24.135 (None, )

ASN13335 (CLOUDFLARENET, US)

www.shopperapproved.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

seal-oklahomacity.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.19.8.217 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-8-217.us-east-2.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	onegold.com 1 redirects www.onegold.com	421 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	570 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4707	97 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	31 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 687	282 B
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 10144	7 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2186	11 KB
2	shopperapproved.com www.shopperapproved.com — Cisco Umbrella Rank: 18351	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2417	22 KB
1	bbb.org seal-oklahomacity.bbb.org — Cisco Umbrella Rank: 509481	5 KB
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 7176	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5113	308 B
54	14

	Domain	Requested by
25	www.onegold.com	1 redirects www.onegold.com az416426.vo.msecnd.net
6	www.gstatic.com	www.google.com www.gstatic.com
6	dev.visualwebsiteoptimizer.com	www.onegold.com dev.visualwebsiteoptimizer.com az416426.vo.msecnd.net
4	www.google.com	www.onegold.com www.gstatic.com www.google.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	seal.digicert.com	www.onegold.com
2	ajax.aspnetcdn.com	www.onegold.com
2	www.shopperapproved.com	www.onegold.com
1	fonts.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	www.onegold.com
1	az416426.vo.msecnd.net	www.onegold.com
1	seal-oklahomacity.bbb.org	www.onegold.com
1	pro.fontawesome.com	www.onegold.com
1	fonts.googleapis.com	www.onegold.com
1	bit.ly	1 redirects
54	15

This site contains links to these domains. Also see Links.

Domain
thebullioncard.onegold.com
www.facebook.com
twitter.com
www.youtube.com
apps.apple.com
play.google.com
support.onegold.com
www.shopperapproved.com
www.bbb.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.bbb.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-26` - `2024-04-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-04-20` - `2024-04-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Frame ID: 9A48C02018660701027B629F9F7E0CB0
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=mqsxibnk6z3j
Frame ID: AAF0FF2E2E37C3A80DBABE99AEABDB2E
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku
Frame ID: B8F517AB0C9B4429E66EAB8EA4E3B887
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OneGold™ | Register

Page URL History Show full URLs

https://bit.ly/3mS6dNo HTTP 301
https://www.onegold.com/join/8595c543f98c4157bf5c691000764b3e HTTP 302
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1 Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

15
Subdomains

15
IPs

5
Countries

1202 kB
Transfer

3701 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://thebullioncard.onegold.com/
Title: Apply Here.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/onegoldinc/

Search URL Search Domain Scan URL

URL: https://twitter.com/OneGold_?lang=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwkU3RnwvFxVJzVCVe8BJtw

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/onegold/id1491393914?utm_campaign=OneGoldWeb&utm_medium=web&utm_source=onegold

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.onegold.ogapp.prod&hl=en_US&utm_campaign=OneGoldWeb&utm_medium=web&utm_source=onegold

Search URL Search Domain Scan URL

URL: https://support.onegold.com/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.shopperapproved.com/reviews/OneGold.com

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/ok/oklahoma-city/profile/gold-buyers/onegold-0995-90062095/#sealclick

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3mS6dNo HTTP 301
https://www.onegold.com/join/8595c543f98c4157bf5c691000764b3e HTTP 302
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.onegold.com/app/account/
Redirect Chain

https://bit.ly/3mS6dNo
https://www.onegold.com/join/8595c543f98c4157bf5c691000764b3e
https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

61 KB
15 KB

192ms
191ms

Document
text/html

2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2a49cfa0a0cf95ffbc2b8f1feb4d5e1037c7889a4896a5ca8e6c101456753798

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7d968dac3856d91a-HEL
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 18 Jun 2023 21:16:27 GMT
pragma: no-cache
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
server: cloudflare
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7d968da8f982d91a-HEL
content-length: 0
date: Sun, 18 Jun 2023 21:16:26 GMT
location: /app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
server: cloudflare
strict-transport-security: max-age=2592000
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 236ms
81ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3743c6f1dd7dbe1a3677bc1304a36ea74dca1aeb1c5a687cfd4cdf5574e9925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Jun 2023 19:17:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Jun 2023 21:16:27 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.11.2/css/ 159 KB
31 KB 204ms
89ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.11.2/css/all.css
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: QADDAN19N24W7K5F
age: 12993
x-amz-id-2: S1aaleeVuIgvafkhgK219zBR7ObLz64crPwLd7FvmT/L0rTOsb/SCV7muT9CxYfeDCXg+6rljg4=
last-modified: Mon, 28 Jun 2021 17:02:27 GMT
server: cloudflare
etag: W/"0a4f9d4e59a60dc91ed451d57e4a8b80"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7d968dae2b4dd93f-HEL

GET
H2 200 vendor.min.css
www.onegold.com/css/ 427 KB
61 KB 513ms
512ms Stylesheet
text/css 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/css/vendor.min.css

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4638788daa42a13d9224cc4b484d30c64f615d0c40994fdcb41c20c0948bf1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:27 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 07:11:26 GMT
server: cloudflare
etag: W/"1d99dc6445cc85e"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7d968dad7c8ed91a-HEL
expires: Mon, 19 Jun 2023 01:16:27 GMT

GET
H2 200 site.css
www.onegold.com/css/ 34 KB
7 KB 511ms
510ms Stylesheet
text/css 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/css/site.css?v=SR1LYlyij47tz0S0PtMWPOxwU7NrB5wB6Y1snAPITGY

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

41ec8993d1245768db9b61c984e0b95c7f356543226cee96f0263b327cde1ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:27 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 07:09:46 GMT
server: cloudflare
etag: W/"1d99dc608bf10ee"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7d968dad7c90d91a-HEL
expires: Mon, 19 Jun 2023 01:16:27 GMT

GET
H2 200 certificate.js Show response
www.shopperapproved.com/seals/ 510 B
771 B 166ms
65ms Script
application/javascript 104.22.24.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.shopperapproved.com/seals/certificate.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.24.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e933b42bf491d9ce08fc15ab1f7108601c87eee1582a7f497d2ac94a86c1c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options	sameorigin

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
content-encoding: br
cf-cache-status: HIT
age: 8484
cf-polished: origSize=627
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 15 Jun 2023 07:59:41 GMT
server: cloudflare
etag: W/"273-5fe26735e0003-gzip"
vary: Accept-Encoding,Origin
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d968dae1c2cd999-HEL

GET
H2 200 og-logo.png
www.onegold.com/img/ 2 KB
2 KB 580ms
576ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/og-logo.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b45a5d2c62879d85e7cb267818d8682108d98a0327857eab927bd24abacc6a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=3054
x-powered-by: ASP.NET
content-disposition: inline; filename="og-logo.webp"
content-length: 1708
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Fri, 14 Sep 2018 05:32:16 GMT
server: cloudflare
etag: "1d44bec4bffbbee"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db10cfad91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 onegold.png
www.onegold.com/img/ 1 KB
1 KB 577ms
574ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/onegold.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ca65d5151df6908ffea047b8754c34a2890c4089cd81a7adc8922a05fdbf82a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=1310
x-powered-by: ASP.NET
content-disposition: inline; filename="onegold.webp"
content-length: 1106
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 18 Jan 2022 08:49:58 GMT
server: cloudflare
etag: "1d80c485f17ba1e"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db10cffd91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 $5-Cash.png
www.onegold.com/cms/ReferAFRiend/ 6 KB
6 KB 645ms
641ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/ReferAFRiend/$5-Cash.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

90f4c4d96c3f7b707975d3ecaf93cee18394f0296bf274ed4bca421c87bab89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=14777
x-powered-by: ASP.NET
content-disposition: inline; filename="$5-Cash.webp"
content-length: 5836
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 03 Nov 2020 16:27:21 GMT
server: cloudflare
etag: "1d6b1fe34394339"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db10d01d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 trust.png
www.onegold.com/cms/ReferAFRiend/ 4 KB
5 KB 621ms
617ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/ReferAFRiend/trust.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

99afc368ef14febb1d4755549716a7a6e2015f4a3eb03c47ecfbfcfb6db1cd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=13572
x-powered-by: ASP.NET
content-disposition: inline; filename="trust.webp"
content-length: 4498
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2019 18:36:12 GMT
server: cloudflare
etag: "1d4d514a3840304"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db11d05d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 Multi-People.png
www.onegold.com/cms/ReferAFRiend/ 14 KB
14 KB 622ms
619ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/ReferAFRiend/Multi-People.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

638a78b37948b4784dd47251fb6347bf76cedaa3e98e0b4d73931a421471c65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=40523
x-powered-by: ASP.NET
content-disposition: inline; filename="Multi-People.webp"
content-length: 13934
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Mar 2019 18:36:12 GMT
server: cloudflare
etag: "1d4d514a384a84b"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db11d0ad91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 logo.webp
www.onegold.com/img/ 7 KB
7 KB 599ms
596ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/logo.webp

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6ef8c6425914268d154d3e7c3618c0af5a612c97e09cd6833083b2f6a31971c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
content-length: 7302
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
last-modified: Fri, 10 Feb 2023 08:01:16 GMT
server: cloudflare
etag: "1d93d25d9b8f286"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db11d0ed91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 Facebook-icon.png
www.onegold.com/cms/ 374 B
529 B 591ms
587ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/Facebook-icon.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f0cc6a17d6bfcf0394d84edb3be6b38d194d537d24319c9e60b0bc7976086a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=845
x-powered-by: ASP.NET
content-disposition: inline; filename="Facebook-icon.webp"
content-length: 374
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 May 2023 20:12:51 GMT
server: cloudflare
etag: "1d98e7c1dbaa0cd"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db11d11d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 twitter-icon.png
www.onegold.com/cms/ 344 B
475 B 620ms
617ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/twitter-icon.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3e034272a7f2704c32d0dcc718f4bb7222dc2f8209b57058e5580f16315e8408

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=870
x-powered-by: ASP.NET
content-disposition: inline; filename="twitter-icon.webp"
content-length: 344
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 May 2023 20:12:51 GMT
server: cloudflare
etag: "1d98e7c1dbaa0e6"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db14dd4d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 YouTube-icon.png
www.onegold.com/cms/ 278 B
509 B 622ms
619ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/YouTube-icon.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c3244bec0f00418cb6af5d931b320a3a8b97cc603c9178c7f0893bc6e79f2bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=524
x-powered-by: ASP.NET
content-disposition: inline; filename="YouTube-icon.webp"
content-length: 278
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 May 2023 20:12:51 GMT
server: cloudflare
etag: "1d98e7c1dbaa18c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db14dd9d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 button-app.png
www.onegold.com/lib/landkit/img/buttons/ 7 KB
7 KB 621ms
619ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/lib/landkit/img/buttons/button-app.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c39ce856fbd7d31c75cb3ca6db838deaaac1c65ef9e9ae01e74f1ac2d3a849e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=21212
x-powered-by: ASP.NET
content-disposition: inline; filename="button-app.webp"
content-length: 7008
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 07:58:24 GMT
server: cloudflare
etag: "1d5d5b0b71742dc"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db14dded91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 button-play.png
www.onegold.com/lib/landkit/img/buttons/ 10 KB
11 KB 601ms
598ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/lib/landkit/img/buttons/button-play.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ccc694d2d66c21c6a6e7211c2dd967b16934a39e682e68e9eab9de94eb7611cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=25385
x-powered-by: ASP.NET
content-disposition: inline; filename="button-play.webp"
content-length: 10738
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Jan 2020 07:58:24 GMT
server: cloudflare
etag: "1d5d5b0b7177329"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db14de0d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 APMEX-Investments-You-Hold-White-Footer-Logo-v2.png
www.onegold.com/cms/ 2 KB
2 KB 621ms
618ms Image
image/webp 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/cms/APMEX-Investments-You-Hold-White-Footer-Logo-v2.png

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

68b0b0aee08b3c45ce5ad42fabca7b22768ffa26c11d0f2292a35b91233271e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=12314
x-powered-by: ASP.NET
content-disposition: inline; filename="APMEX-Investments-You-Hold-White-Footer-Logo-v2.webp"
content-length: 1636
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 20:16:20 GMT
server: cloudflare
etag: "1d9933398c8321a"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d968db14de1d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 default-sa-seal.gif
www.shopperapproved.com/seal/29550/ 4 KB
4 KB 67ms
64ms Image
image/gif 104.22.24.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.shopperapproved.com/seal/29550/default-sa-seal.gif

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.24.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cdc082485e1e129bfa7f6815771c0b533970fc4d83b7b47db6945d7ccd4fefe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options	sameorigin

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-security-policy: frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
cf-cache-status: HIT
age: 12993
cf-polished: origSize=5949, status=vary_header_present
p3p: CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
content-disposition: filename='29550-standard_large.gif.gif'
alt-svc: h3=":443"; ma=86400
content-length: 4189
cf-bgj: imgq:100,h2pri
last-modified: Sun, 18 Jun 2023 17:39:54 GMT
server: cloudflare
vary: Accept-Encoding,Origin
x-frame-options: sameorigin
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7d968db10bcad999-HEL

GET
H2 200 email-decode.min.js Show response
www.onegold.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 46ms
46ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jun 2023 10:17:37 GMT
server: cloudflare
etag: W/"648ae541-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7d968db0ac21d91a-HEL
expires: Tue, 20 Jun 2023 21:16:27 GMT

GET
H2 200 blue-seal-153-100-bbb-90062095.png
seal-oklahomacity.bbb.org/seals/ 4 KB
5 KB 267ms
71ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-oklahomacity.bbb.org/seals/blue-seal-153-100-bbb-90062095.png
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: 9aa6e8ac1303bc83bfb1686894b4acbaa6878df06b9992632cebdff8830a7f0f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
last-modified: Sun, 18 Jun 2023 04:09:36 GMT
server: keycdn-engine
x-aspnet-version: 4.0.30319
x-edge-location: defr
x-powered-by: ASP.NET
x-cache: STALE
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
x-shield: active
content-length: 4417
expires: Mon, 19 Jun 2023 01:16:27 GMT

GET
H2 200 vendor.min.js Show response
www.onegold.com/js/ 893 KB
237 KB 600ms
599ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/js/vendor.min.js?v=ApJLs6Siu_C1pGoOrg29xkBMU20aFEEzBF5m1gstfAQ

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

02924bb3a4a2bbf0b5a46a0eae0dbdc6404c536d1a144133045e66d60b2d7c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 07:11:26 GMT
server: cloudflare
etag: W/"1d99dc644579009"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7d968db0fcb8d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 all.min.js Show response
www.onegold.com/js/ 38 KB
8 KB 586ms
585ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/js/all.min.js?v=Z1tApaVZNGY13IIm8eknFnEc-ZAw77uOHqeq7qBnn_E

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

675b40a5a559346635dc8226f1e92716711cf99030efbb8e1ea7aaeea0679ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 07:11:28 GMT
server: cloudflare
etag: W/"1d99dc6458b0843"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7d968db10cdbd91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 common.js Show response
www.onegold.com/js/ 14 KB
2 KB 624ms
620ms Script
application/javascript 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/js/common.js?v=TvEOWXoAb3zrApimXUfN0eahuD7WKvEGENIJY9SjAVs

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

65342de9bd43dbcc1ccc4fd330950c96d90aa07dc285d3056561673898d3b93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 12 May 2023 07:21:56 GMT
server: cloudflare
etag: W/"1d984a26ea4f4db"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7d968db10cf2d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
877 B 233ms
80ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3851b178b0373dffa9438a26fb712baaef5e039b04217282b20eaef60d550b12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Sun, 18 Jun 2023 21:16:27 GMT

GET
H2 200 jquery.validate.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/ 21 KB
8 KB 232ms
51ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.14.0/jquery.validate.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F7A2) /

Resource Hash

2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31349658
x-cache: HIT
content-length: 8518
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:42:30 GMT
server: ECAcc (ska/F7A2)
etag: "54f11b72d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/ 5 KB
3 KB 231ms
51ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validation.unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ska/F7B8) /

Resource Hash

13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19416779
x-cache: HIT
content-length: 2475
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:43:24 GMT
server: ECAcc (ska/F7B8)
etag: "53b63b92d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
4 KB 192ms
84ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=574420&u=https%3A%2F%2Fwww.onegold.com%2Fapp%2Faccount%2Fregister%3FreferralCode%3D8595c543f98c4157bf5c691000764b3e%26cb%3D1&f=1&r=0.6713831986718994
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 715e38cc6f9528d2783eb393e85eb7672f6a3c7830864323aa0547ab1e0ab0fc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1686914295"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
4 KB 506ms
165ms Script
application/javascript 3.19.8.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.19.8.217 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-19-8-217.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 18 Jun 2023 21:16:28 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
last-modified: Tue, 13 Jun 2023 09:57:16 GMT
Server: nginx
etag: W/"1e3d-5fdffdc2d5700"
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H2 200 Avenir-Medium.otf
www.onegold.com/lib/dashmix/fonts/dg/ 60 KB
32 KB 607ms
607ms Font
font/otf 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/lib/dashmix/fonts/dg/Avenir-Medium.otf

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/css/vendor.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

76294ce7aff1b11591024f02b45e7c849b6a6bf1fabd128a2ad4852720016f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.onegold.com/css/vendor.min.css
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Jul 2018 03:25:36 GMT
server: cloudflare
etag: W/"1d41d7dd3ac97a0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 7d968db14de3d91a-HEL
expires: Mon, 19 Jun 2023 01:16:28 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 209ms
48ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F773) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 617
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (ska/F773)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0e5d4369-f01e-0035-4d28-a23e90000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Sun, 18 Jun 2023 21:46:27 GMT

GET
H3 200 tag-9a2eb628d105c6debf838c2d0dc96369.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 178 KB
50 KB 130ms
80ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-9a2eb628d105c6debf838c2d0dc96369.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=574420&u=https%3A%2F%2Fwww.onegold.com%2Fapp%2Faccount%2Fregister%3FreferralCode%3D8595c543f98c4157bf5c691000764b3e%26cb%3D1&f=1&r=0.6713831986718994
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 77387c969116a767a1fe1f4b8a37f3346869cbf618f286eb1cb162b528fe0995

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 16 Jun 2023 11:17:54 GMT
server: gams1
etag: "648c44e2-c69a"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50842

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
205 B 154ms
153ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=574420&d=onegold.com&u=D60AF59389D1F43642F86D6C7BEE1704B&h=85553e504ed649874f8d19445642e7b0&t=false&r=0.5201397544605146

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Jun 2023 21:16:27 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 tag-2cea5e7632744e5d54184a301a6267b9.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 112 KB
28 KB 80ms
80ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-2cea5e7632744e5d54184a301a6267b9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-9a2eb628d105c6debf838c2d0dc96369.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: f65409964566a110b6ad469f0869f17981c9e58e667045c0e1ab6d4974ff6f42

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 16 Jun 2023 11:17:53 GMT
server: gams1
etag: "648c44e1-709f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28831

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 83ms
82ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=574420&settings_type=1&vn=7.0&exc=2|20
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-9a2eb628d105c6debf838c2d0dc96369.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 1af6006e30749d92bb1236427bdfb56ccaa64fcfb9a3e595a04544bfc237e86a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
etag: W/"1686914295"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 81ms
80ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:27 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 16 Jun 2023 11:17:52 GMT
server: gams1
etag: "648c44e0-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 141ms
50ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2333194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDv6jdUpPCiX%2FKn1tDNHD7%2BPzK%2F6SgbTDC%2Fs%2BlzmVgamCVgvSZutsct45R3HOHK0W3PzopXFya7hNHT1ClhIztd%2FQwomV7uBrwc6hVLP%2Fx4boKa4XF9luC%2F2ecbKXUz72T5IlqFJWCUdTsLT1WiBPjOu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d968db61dfe3767-HEL
expires: Fri, 07 Jun 2024 21:16:28 GMT

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 418 KB
169 KB 229ms
73ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da9f9802acf5725de0c738b1f685ca720f92d029ea41836181b104bdda52a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onegold.com/
Origin: https://www.onegold.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 04:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171923
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:08:09 GMT

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 2 KB
3 KB 166ms
165ms Image
image/png 3.19.8.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=gS15hh9E&referer=www.onegold.com&format=png&lang=en&an=min

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.19.8.217 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-19-8-217.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bd9d68d5f1fd010ffa592493f6993df3f33b9965574d3fe530cc1a5729375955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sun, 18 Jun 2023 21:16:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff, nosniff
last-modified: Sun, 18 Jun 2023 00:00:00 +0000
Server: nginx
Content-Type: image/png
cache-control: max-age=86400
Connection: keep-alive
Content-Length: 2486
X-XSS-Protection: 1; mode=block, 1; mode=block
expires: Mon, 19 Jun 2023 16:47:49 +0000

GET
H2 200 getspotprices Show response
www.onegold.com/ 1 KB
686 B 199ms
198ms XHR
application/json 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/getspotprices?_=1687122988369

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d43a475c9f400c21243f12b16be47d1ac32cbcdd5e4472966a5843785b68c9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
X-Requested-With: XMLHttpRequest
Request-Id: |p7h7p.Y933V
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cf-ray: 7d968db5b854d91a-HEL
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1

GET
H2 200 getspotprices Show response
www.onegold.com/ 1 KB
458 B 461ms
460ms XHR
application/json 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onegold.com/getspotprices?_=1687122988370

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d43a475c9f400c21243f12b16be47d1ac32cbcdd5e4472966a5843785b68c9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
X-Requested-With: XMLHttpRequest
Request-Id: |p7h7p.dS4/x
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:28 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cf-ray: 7d968db5b859d91a-HEL
request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1

GET
H2 200 green-arrow.svg
www.onegold.com/img/arrows/ 474 B
418 B 478ms
477ms Image
image/svg+xml 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/arrows/green-arrow.svg

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3ddc68bafa44825caddd89dcfe3e27330e4a0266c178bb6bba5a3ab14dc75a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:29 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Jan 2019 06:54:16 GMT
server: cloudflare
etag: W/"1d4a71ef8771dda"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7d968db70c27d91a-HEL
expires: Mon, 19 Jun 2023 01:16:29 GMT

GET
H2 200 red-arrow.svg
www.onegold.com/img/arrows/ 498 B
478 B 466ms
465ms Image
image/svg+xml 2606:4700::6812:17c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.onegold.com/img/arrows/red-arrow.svg

Requested by

Host: www.onegold.com
URL: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0e7650543c3077019e588243b3796aed2dff2322880223577af4a251621e63c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.onegold.com/app/account/register?referralCode=8595c543f98c4157bf5c691000764b3e&cb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context: appId=cid-v1:6208a2ca-93f3-4494-9568-bc18e66ecbb1
date: Sun, 18 Jun 2023 21:16:29 GMT
strict-transport-security: max-age=2592000
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Jan 2019 06:54:16 GMT
server: cloudflare
etag: W/"1d4a71ef8771df2"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7d968db70c2ed91a-HEL
expires: Mon, 19 Jun 2023 01:16:29 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AAF0 51 KB
29 KB 102ms
100ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=mqsxibnk6z3j

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__fi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

283304fc98964b68e2c1f819456e492eea81f69912ccff30995d6c6f154a2f3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yfyu-m98UCeiSlXIkiSpdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28906
content-security-policy: script-src 'report-sample' 'nonce-yfyu-m98UCeiSlXIkiSpdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Jun 2023 21:16:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame AAF0 55 KB
24 KB 216ms
71ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=mqsxibnk6z3j

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 10:01:38 GMT

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame AAF0 418 KB
168 KB 254ms
109ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__fi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da9f9802acf5725de0c738b1f685ca720f92d029ea41836181b104bdda52a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 04:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171923
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:08:09 GMT

GET
DATA 200
OK truncated
/ Frame AAF0 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AAF0 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AAF0 2 KB
2 KB 75ms
75ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 80634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAF0 15 KB
16 KB 230ms
73ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 10:16:17 GMT
x-content-type-options: nosniff
age: 212412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 10:16:17 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame AAF0 102 B
133 B 82ms
82ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=SglpK98hSCn2CroR0bKRSJl5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c70c790bed3774b89c7a1a4f00ddd9c760009a9090e64148ceb5125e7868c638

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku&co=aHR0cHM6Ly93d3cub25lZ29sZC5jb206NDQz&hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=mqsxibnk6z3j
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 21:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Sun, 18 Jun 2023 21:16:29 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B8F5 7 KB
1 KB 89ms
88ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31ef3cb8bee6fbc2a363dc033ae6e42a43ae49a7ceac3ca237b3781e6f8cdf7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MeYAEKzWlExi7rjvWAufZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.onegold.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1154
content-security-policy: script-src 'report-sample' 'nonce-MeYAEKzWlExi7rjvWAufZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Jun 2023 21:16:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame B8F5 55 KB
24 KB 73ms
73ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 10:01:38 GMT

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame B8F5 418 KB
168 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=SglpK98hSCn2CroR0bKRSJl5&k=6LcwmcwZAAAAAGJ-yKiaIERL8kY3kf2a7_Dm3Qku

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da9f9802acf5725de0c738b1f685ca720f92d029ea41836181b104bdda52a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 04:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171923
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:08:09 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 432ms
79ms Preflight 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.onegold.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Sun, 18 Jun 2023 21:16:30 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
282 B 100ms
100ms XHR
application/json 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62ec1da6c67166ec0ead1e8a985ab9ee9c8a82f57c68f3d7717f32234d8c2f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onegold.com/
accept-language: fi-FI,fi;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: DC72BABD-BE84-4D47-B0B6-77E15DED15A4
strict-transport-security: max-age=31536000
date: Sun, 18 Jun 2023 21:16:30 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 16:57:54	Name: _bit Value: n5ilgq-61d4a63fdd8540d69e-009
www.onegold.com/	1970-01-20 14:48:18	Name: OG.Referal Value: 8595c543f98c4157bf5c691000764b3e
www.onegold.com/	1969-12-31 23:59:59	Name: BNI_OGBN Value: 9gtavQUQ3DqYTsdq_zAZ7ryJxm3O4gLntDUl4CtR3hh4pjOkVLDhS0DItniNqd2KFOllTDxQVpFOB69lGeaZmw==
.onegold.com/	1970-01-20 12:38:44	Name: __cf_bm Value: gxXFI423vGzK50aSk3pOLZuX5YEuSUNUdALbhbXfkQs-1687122986-0-AR03cP+0cGD8rPLA0luFovzFyfMKfwHXfngSY+UAVzCZfyK2WpAzWOFkS4V6SmxPk2GpT93dx1jX+z7R22alA1s=
www.onegold.com/	1969-12-31 23:59:59	Name: og_x-xsrf Value: CfDJ8IyEqMB_XO9Jr-65loenLwYLggub0ddy79TXaVYKwseKCUj8TrUpbdwYISREKYvXaVw4ukqO-Kxm0sqOuXFs1WN9MJGNDiOgV6If1PLgz4mdHlZtwkocV1upjO4eHxPt4ckIYcTBu29TA8wKCCEZg18
.onegold.com/	1970-01-20 21:25:45	Name: _vwo_uuid_v2 Value: D60AF59389D1F43642F86D6C7BEE1704B\|85553e504ed649874f8d19445642e7b0
www.onegold.com/	1970-01-20 21:24:18	Name: ai_user Value: vNeL8\|2023-06-18T21:16:27.928Z
www.onegold.com/	1970-01-20 12:38:44	Name: ai_session Value: jtKek\|1687122987930.9\|1687122987930.9
.onegold.com/	1970-01-20 15:02:42	Name: _vis_opt_s Value: 1%7C
.onegold.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.onegold.com/	1970-01-20 22:14:42	Name: _vwo_uuid Value: D60AF59389D1F43642F86D6C7BEE1704B
.onegold.com/	1970-01-20 12:38:44	Name: _vwo_sn Value: 0%3A1
.onegold.com/	1970-01-20 14:05:06	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241687122987%3A52.66655313%3A%3A%3A20_0%2C2_0%3A0
www.onegold.com/	1970-01-20 12:53:06	Name: nl-cid Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
az416426.vo.msecnd.net
bit.ly
cdnjs.cloudflare.com
dc.services.visualstudio.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
pro.fontawesome.com
seal-oklahomacity.bbb.org
seal.digicert.com
www.google.com
www.gstatic.com
www.onegold.com
www.shopperapproved.com
104.22.24.135
13.69.106.88
152.199.19.160
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:180e
2606:4700::6812:1634
2606:4700::6812:17c2
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a0b:4d07:102::1
3.19.8.217
34.96.102.137
67.199.248.11
02924bb3a4a2bbf0b5a46a0eae0dbdc6404c536d1a144133045e66d60b2d7c04
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0e7650543c3077019e588243b3796aed2dff2322880223577af4a251621e63c6
13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a
1af6006e30749d92bb1236427bdfb56ccaa64fcfb9a3e595a04544bfc237e86a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
283304fc98964b68e2c1f819456e492eea81f69912ccff30995d6c6f154a2f3c
2a49cfa0a0cf95ffbc2b8f1feb4d5e1037c7889a4896a5ca8e6c101456753798
2da9f9802acf5725de0c738b1f685ca720f92d029ea41836181b104bdda52a7a
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4
31ef3cb8bee6fbc2a363dc033ae6e42a43ae49a7ceac3ca237b3781e6f8cdf7a
3851b178b0373dffa9438a26fb712baaef5e039b04217282b20eaef60d550b12
3ddc68bafa44825caddd89dcfe3e27330e4a0266c178bb6bba5a3ab14dc75a7d
3e034272a7f2704c32d0dcc718f4bb7222dc2f8209b57058e5580f16315e8408
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41ec8993d1245768db9b61c984e0b95c7f356543226cee96f0263b327cde1ee8
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4638788daa42a13d9224cc4b484d30c64f615d0c40994fdcb41c20c0948bf1b2
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
62ec1da6c67166ec0ead1e8a985ab9ee9c8a82f57c68f3d7717f32234d8c2f40
638a78b37948b4784dd47251fb6347bf76cedaa3e98e0b4d73931a421471c65e
65342de9bd43dbcc1ccc4fd330950c96d90aa07dc285d3056561673898d3b93b
675b40a5a559346635dc8226f1e92716711cf99030efbb8e1ea7aaeea0679ff1
68b0b0aee08b3c45ce5ad42fabca7b22768ffa26c11d0f2292a35b91233271e4
6ef8c6425914268d154d3e7c3618c0af5a612c97e09cd6833083b2f6a31971c6
715e38cc6f9528d2783eb393e85eb7672f6a3c7830864323aa0547ab1e0ab0fc
76294ce7aff1b11591024f02b45e7c849b6a6bf1fabd128a2ad4852720016f93
77387c969116a767a1fe1f4b8a37f3346869cbf618f286eb1cb162b528fe0995
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90f4c4d96c3f7b707975d3ecaf93cee18394f0296bf274ed4bca421c87bab89a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99afc368ef14febb1d4755549716a7a6e2015f4a3eb03c47ecfbfcfb6db1cd6c
9aa6e8ac1303bc83bfb1686894b4acbaa6878df06b9992632cebdff8830a7f0f
9cdc082485e1e129bfa7f6815771c0b533970fc4d83b7b47db6945d7ccd4fefe
b45a5d2c62879d85e7cb267818d8682108d98a0327857eab927bd24abacc6a59
bd9d68d5f1fd010ffa592493f6993df3f33b9965574d3fe530cc1a5729375955
c3244bec0f00418cb6af5d931b320a3a8b97cc603c9178c7f0893bc6e79f2bb9
c39ce856fbd7d31c75cb3ca6db838deaaac1c65ef9e9ae01e74f1ac2d3a849e8
c3e933b42bf491d9ce08fc15ab1f7108601c87eee1582a7f497d2ac94a86c1c1
c70c790bed3774b89c7a1a4f00ddd9c760009a9090e64148ceb5125e7868c638
ca65d5151df6908ffea047b8754c34a2890c4089cd81a7adc8922a05fdbf82a3
ccc694d2d66c21c6a6e7211c2dd967b16934a39e682e68e9eab9de94eb7611cf
d3743c6f1dd7dbe1a3677bc1304a36ea74dca1aeb1c5a687cfd4cdf5574e9925
d43a475c9f400c21243f12b16be47d1ac32cbcdd5e4472966a5843785b68c9f9
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
f0cc6a17d6bfcf0394d84edb3be6b38d194d537d24319c9e60b0bc7976086a19
f65409964566a110b6ad469f0869f17981c9e58e667045c0e1ab6d4974ff6f42

www.onegold.com Open in urlscan Pro 2606:4700::6812:17c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

60 %IPv6

14 Domains

15 Subdomains

15 IPs

5 Countries

1202 kBTransfer

3701 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onegold.com Open in urlscan Pro
2606:4700::6812:17c2 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

60 %
IPv6

14
Domains

15
Subdomains

15
IPs

5
Countries

1202 kB
Transfer

3701 kB
Size

14
Cookies

54 HTTP transactions
2 data transactions