gheed.com Open in urlscan Pro
18.66.97.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gheed.com/
Effective URL:
https://gheed.com/
Submission: On February 08 via api (February 8th 2024, 4:57:59 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 19 domains to perform 76 HTTP transactions. The main IP is 18.66.97.108, located in United States and belongs to AMAZON-02, US. The main domain is gheed.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 30th 2023. Valid for: a year.

This is the only time gheed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
24	18.66.97.108 18.66.97.108	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	146.75.118.167 146.75.118.167	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	34.107.189.147 34.107.189.147	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.5.134.169 3.5.134.169	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
4	2600:9000:20a... 2600:9000:20a0:e000:19:f28c:cd92:c761	16509 (AMAZON-02) (AMAZON-02)
3	52.219.140.35 52.219.140.35	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
76	27

1 18.66.97.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

gheed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 18.66.97.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-108.fra56.r.cloudfront.net

gheed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:34e (United States)

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

embed.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.189.147 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 147.189.107.34.bc.googleusercontent.com

t.nit.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.134.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

gheed-campaigns-prod.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20a0:e000:19:f28c:cd92:c761 (United States)

ASN16509 (AMAZON-02, US)

static-cdn.jtvnw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.219.140.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	gheed.com 1 redirects gheed.com	2 MB
7	gstatic.com www.gstatic.com fonts.gstatic.com	488 KB
7	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 24309	197 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 ad.doubleclick.net — Cisco Umbrella Rank: 157 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	171 KB
4	jtvnw.net static-cdn.jtvnw.net — Cisco Umbrella Rank: 9725	254 KB
4	amazonaws.com gheed-campaigns-prod.s3.eu-central-1.amazonaws.com s3.eu-central-1.amazonaws.com	238 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	36 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2173	21 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1228 syndication.twitter.com — Cisco Umbrella Rank: 1561	132 KB
2	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 36735	107 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 898	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 851 api.btloader.com — Cisco Umbrella Rank: 942	28 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114	189 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 74	69 KB
1	nit.ro t.nit.ro — Cisco Umbrella Rank: 21453
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1012 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	93 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2624	46 KB
1	twitch.tv embed.twitch.tv — Cisco Umbrella Rank: 103655	8 KB
76	19

	Domain	Requested by
25	gheed.com	1 redirects gheed.com
7	s.nitropay.com	gheed.com s.nitropay.com
4	static-cdn.jtvnw.net	gheed.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	gheed.com s.nitropay.com www.gstatic.com www.google.com
3	s3.eu-central-1.amazonaws.com	gheed.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	consent.nitrocnct.com	s.nitropay.com
2	ad-delivery.net	gheed.com
2	securepubads.g.doubleclick.net	s.nitropay.com
2	www.google-analytics.com	gheed.com www.google-analytics.com
2	pagead2.googlesyndication.com	gheed.com s.nitropay.com
2	www.youtube.com	gheed.com www.youtube.com
2	platform.twitter.com	gheed.com platform.twitter.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.doubleclick.net	gheed.com
1	api.btloader.com	btloader.com
1	googleads.g.doubleclick.net	s.nitropay.com
1	gheed-campaigns-prod.s3.eu-central-1.amazonaws.com	gheed.com
1	t.nit.ro	s.nitropay.com
1	btloader.com	s.nitropay.com
1	syndication.twitter.com	platform.twitter.com
1	fonts.googleapis.com	gheed.com
1	www.googletagmanager.com	gheed.com
1	www.paypalobjects.com	gheed.com
1	embed.twitch.tv	gheed.com
76	27

This site contains links to these domains. Also see Links.

Domain
vitablo.de
discord.gg
www.instagram.com
twitter.com
nitropay.com

Subject Issuer	Validity	Valid
gheed.com Amazon RSA 2048 M02	`2023-11-30` - `2024-12-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
twitch.tv GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-01` - `2024-10-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
t.nit.ro GTS CA 1D4	`2024-01-25` - `2024-04-24`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-12`	10 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
static-cdn.jtvnw.net Amazon RSA 2048 M01	`2023-03-13` - `2024-04-10`	a year	crt.sh
nitrocnct.com E1	`2023-12-23` - `2024-03-22`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://gheed.com/
Frame ID: CAC29E95F7EB76ADC6352FDCAB37AB02
Requests: 65 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgheed.com
Frame ID: 40F3ECD68439487D79692F1331251190
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=5hzbxylrpvx
Frame ID: 93D33FD68576AE047C2C11FEE02A0892
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html
Frame ID: BB9A90B5E4DEC494D084A38CC431C378
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A giveaway a day keeps the doctor away! @ GHEED

Page URL History Show full URLs

http://gheed.com/ HTTP 301
https://gheed.com/ Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

76
Requests

100 %
HTTPS

64 %
IPv6

19
Domains

27
Subdomains

27
IPs

3
Countries

4511 kB
Transfer

10150 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://vitablo.de/

Search URL Search Domain Scan URL

URL: https://discord.gg/CCTuaCQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gheed_com

Search URL Search Domain Scan URL

URL: https://twitter.com/gheed_com

Search URL Search Domain Scan URL

URL: https://nitropay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gheed.com/ HTTP 301
https://gheed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gheed.com/
Redirect Chain

http://gheed.com/
https://gheed.com/

74 KB
11 KB

57ms
39ms

Document
text/html

18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 976e48336d2ca958400d30d5fe1c24a539c1b0bd8a603078e883e78d30db0884

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 08 Feb 2024 16:57:53 GMT
etag: W/"12839-OqtMzQH4GVzvGjFNKmkEbfqW7TE"
server: nginx/1.12.1
vary: Accept-Encoding
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id: 8fdJuqzASCMwIgLy06XmctfyGOfo6_A5lLk2depl_2yVu2XS5FqFAQ==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 08 Feb 2024 16:57:53 GMT
Location: https://gheed.com/
Server: CloudFront
Via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: iFxdohQ410wXHKtVG9hIt8BDBnINNErOw_ii2rJnMNR_GXTPFFNtig==
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront

GET
H2 200 fonts.css
gheed.com/static/assets/css/ 5 KB
1 KB 10ms
9ms Stylesheet
text/css 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/assets/css/fonts.css
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3c052c239f112d8a87865f56d70dfe3c0cd53ad2ac9e9c53f5697b06eb3d4a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 08:40:45 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:17 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 29837
etag: W/"14e2-18d5befc628"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: pHoTLPr6lNviy1AoLkU8Sg1It3hZKMxM6lJLf-jA3v8aXwgE6SfqsQ==

GET
H2 200 global.css
gheed.com/static/assets/css/ 3 KB
1 KB 9ms
8ms Stylesheet
text/css 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/assets/css/global.css
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: fd3c29a0d7bef211ff305c707300d6752136c25b1cd189b3fe43235d610a2a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 08:40:45 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:17 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 29837
etag: W/"ad5-18d5befc628"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: kXMPXxh5obBtrgl76FR7QeXKj_4jFIgiCTkrkTFCJt-2eYKl-8bYLw==

GET
H2 200 vendors.38197ff1.chunk.css
gheed.com/static/css/ 19 KB
5 KB 10ms
9ms Stylesheet
text/css 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/css/vendors.38197ff1.chunk.css
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 67617a63e4b3c5921085d11b8db467f81262b155eb5a1cd6b189bafa80f4d108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:31:21 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:49 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 44816
etag: W/"4ddb-18d5bf04328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: p3IRMkNif21iWSI9NgLiWmy5Ms3PcA0oUH_5uFtviNyjjyT6x7QyFQ==

GET
H2 200 vendors.add763cf.chunk.js Show response
gheed.com/static/js/ 2 MB
525 KB 7ms
7ms Script
application/javascript 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d716c97ecb7fdf23a8e7d9a8f58590a7978db39aed5d8f8dc091e227a4d6e313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 03:41:35 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:49 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 47778
etag: W/"1c8f50-18d5bf04328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: MMXskeJJNPrcL-llBXYNDAY9d6UL4yiAV1CUgmqsE0Xoh0QazXI1QQ==

GET
H2 200 bundle.0ce2828b.css
gheed.com/static/css/ 20 KB
3 KB 11ms
10ms Stylesheet
text/css 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/css/bundle.0ce2828b.css
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9e7b1c3d14a6f4ae83d6903e1ca998accc6340c86db646945fc4f7ae41343cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 03:56:34 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:49 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 50683
etag: W/"4e71-18d5bf04328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: nbMknZQZpRe-QUcemtI1XCecYiCiK0_T_tg4sBAVuAgEW4dfabUM6A==

GET
H2 200 client.8259c230.js Show response
gheed.com/static/js/ 1 MB
234 KB 27ms
27ms Script
application/javascript 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/js/client.8259c230.js
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 658d3b1ee2935a51623d0fa23bcf4d68c00fc12ae68c077d99a297f1e5020e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 03:56:34 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:49 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 46879
etag: W/"123d35-18d5bf04328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: PsZY3-dgrJqmxJETg50hcOXQgxHx2_Aka9cK78ZgXFi_mYu4PeFoPQ==

GET
H2 200 ads-1793.js Show response
s.nitropay.com/ 452 KB
140 KB 85ms
42ms Script
text/javascript 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-1793.js

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68eacb383629cf30559eb8ddd4f957df1b5190a9b5c6a5ba198dd7eeb873dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1706642060
age: 16560
x-guploader-uploadid: ABPtcPoLKo3udpgqMiclnKPCUz6rE0m_-U89LFG83NdyJyMjEjI_jphnjBPK7NaYIQQ8MLiQyA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Feb 2024 00:07:57 GMT
server: cloudflare
etag: W/"5f5393d9246d318d5470a8f729d36805:1707350877000:DE"
vary: Accept-Encoding
x-goog-generation: 1706642066406932
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=22LbNw==, md5=X1OT2SRtMY1UcKj3KdNoBQ==
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 459505
cf-ray: 85256a0e68fa8fe6-FRA
expires: Fri, 09 Feb 2024 00:20:58 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa0aada780a363a924b2c5b541f3e89dc7c2e69c6b400258aee7c9735c36bf5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 08 Feb 2024 16:57:53 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 85ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 16:57:53 GMT
Content-Encoding: gzip
Age: 649
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/668D)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK v1.js Show response
embed.twitch.tv/embed/ 26 KB
8 KB 51ms
9ms Script
application/x-javascript 146.75.118.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.twitch.tv/embed/v1.js

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

016c5b62416cd665b7d8881e95359c1eeb84590305cad08ab9cfef2f0ffdb002

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 16:57:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300
Via: 1.1 varnish
Age: 1
X-Cache: HIT
Connection: keep-alive
Content-Length: 7984
X-XSS-Protection: 1; mode=block
X-Served-By: cache-fra-eddf8230062-FRA
Server: Kestrel
X-Timer: S1707411474.550049,VS0,VE2
ETag: "15dc27aa785e6cd295519fa6459a88b8"
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
Content-Type: application/x-javascript
Release-Type: release
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 76ms
47ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96469ec71636303e1b8e7ca9369b3fa55a2cf1712c9cb1a5b2064381522cae6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 08 Feb 2024 16:57:53 GMT

GET
H2 200 ppplus.min.js Show response
www.paypalobjects.com/webstatic/ppplus/ 129 KB
46 KB 45ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/ppplus/ppplus.min.js

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

f6ac4c7dee0700961ca2565b269df2b9a806e198b912a12fb48e60fd96c37979

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 7354c17290150
dc: ccg11-origin-www-1.paypal.com
content-length: 47124
last-modified: Mon, 27 Dec 2021 18:12:39 GMT
server: ECAcc (frc/4CCC)
traceparent: 00-00000000000000000007354c17290150-505f100058039cd5-01
etag: W/"61ca0217-20281"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 08 Feb 2024 17:57:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 328ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44e0c963d0acc047954eb06262c78403e3dd5459b192c1f18e93c2cdf5a97c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51492
x-xss-protection: 0
server: cafe
etag: 6279015366722730041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 08 Feb 2024 16:57:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 301ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-44D3TFEWMP

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3985d2656defd92206744eeba08170f10704a91507485fdfa8ca2d72f542a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Feb 2024 16:57:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1012 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,800,900

Requested by

Host: gheed.com
URL: https://gheed.com/static/assets/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76f0996d75f68df4a579a5eecbd5be46649a6830ba1428072869efc35502adc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 16:57:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 16:57:53 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 493 KB
197 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gheed.com/
Origin: https://gheed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 10:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 10:26:21 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/5e928255/www-widgetapi.vflset/ 216 KB
67 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5e928255/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266a29bf57b54d51f7289747197132d43179b4f024d61069dbaea01da8012d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:49:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68548
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:19:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Feb 2025 16:49:18 GMT

GET
H2 200 splash-dark.png
gheed.com/static/assets/images/ 18 KB
19 KB 23ms
23ms Image
image/png 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/splash-dark.png
Requested by: Host: gheed.com
URL: https://gheed.com/static/assets/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dfdcc2bd0f3e869c5be6e5a6b300a4a5519bb7e6f2b5aad0744acaeee2c30bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/static/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 08:40:45 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 29837
etag: W/"4984-18d5befca10"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 18820
x-amz-cf-id: 0ea3NwdeHULpBwHj9kAsaAW8XKATsc0Hjnt-z5Bjtdx7vIaZhXPIAg==

GET
H2 200 loading.gif
gheed.com/static/assets/images/ 16 KB
16 KB 23ms
23ms Image
image/gif 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/loading.gif
Requested by: Host: gheed.com
URL: https://gheed.com/static/assets/css/global.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: aec539715dd6d27a2c98b2ccac35cf08801b412cf8ee2c6f9bed1a904f8a7431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/static/assets/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 06:48:17 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 36576
etag: W/"3f05-18d5befca10"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 16133
x-amz-cf-id: 7meacIG0rcIhVHfdZsNqbsebN7X6W2WaJKwvi9CtOzjukkN0WXcdmg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Feb 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4184
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 08 Feb 2024 17:48:09 GMT

GET
H2 200 guess Show response
gheed.com/prod/users/regions/ 36 B
572 B 27ms
27ms XHR
application/json 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/users/regions/guess
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: 95cae09e62836c1f790e1f48b641d319794578f00368eb2133d21276bc5183ce

Request headers

Accept: application/json
Referer: https://gheed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 36
x-amz-cf-pop: FRA56-P6, FRA56-P2
x-amzn-requestid: 9c53c619-0e98-4314-a707-34b64367f5e1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04y1H8xliAES7w=
content-length: 36
pragma: no-cache
x-amzn-trace-id: Root=1-65c50811-426115fd6cbf0dde0dd65958;Sampled=0;lineage=893bda22:0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: JTrWDljH_kopTklnWsxURvGt_MHaJQPpyXqClPVUN8PuVd2zqthvyw==
expires: 0

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 40F3 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgheed.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5096172
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Feb 2024 16:57:53 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gheed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:03:46 GMT
x-content-type-options: nosniff
age: 60847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 00:03:46 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 40F3 869 B
661 B 149ms
118ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cc8437280658245e50e20f58146fa6f1f7f89ba2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgheed.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 08 Feb 2024 16:57:53 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 1416f232eb727b3d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: b0f435b2f255588245dc7e47136e4706d1dc5352e7a1de65e9b9a615a8dafa76
content-length: 337

GET
H2 200 tag Show response
btloader.com/ 93 KB
28 KB 64ms
26ms Script
application/javascript 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5514dd5f760e2714edb536c829430c39fed57d053b1df322029649d049bacb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 08 Feb 2024 16:12:33 GMT
server: cloudflare
age: 2631
etag: "c2f71a0b36ca313e9c7a6ac99bb83bca"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 85256a104b84926e-FRA
content-length: 27985

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 76ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfe3354ded84fa5567f186eadd4481a3269a9478cacf907d0c40e8d4a0a43589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29408
x-xss-protection: 0
server: cafe
etag: 751 / 19761 / 31080925 / config-hash: 354865638797012756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 16:57:53 GMT

GET
H2 200 gpp-dae8ef5.min.js Show response
s.nitropay.com/ 255 KB
48 KB 27ms
26ms Script
application/javascript 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/gpp-dae8ef5.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a2a5fcd0f66d86a0cadf7b220ee593486d023bce483ef7fe681c58111817fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 501536
x-guploader-uploadid: ABPtcPo8KAYF91HCOI9xNU7TqaBDbOJOgLPCDyERApa-EqHoBZGnTf1QoDbs_E8tNHnHQJpXFnJcF1X2WQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 21:33:22 GMT
server: cloudflare
etag: W/"5d8ff89532f4d66f6b449ce77381f2c2"
vary: Accept-Encoding
x-goog-hash: crc32c=YHn1Lg==, md5=XY/4lTL01m9rRJznc4Hywg==
x-goog-generation: 1705095202015127
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 261068
cf-ray: 85256a104bf08fe6-FRA
expires: Fri, 09 Feb 2024 21:38:57 GMT

GET
H2 204 1793
t.nit.ro/a/ 0
0 197ms
163ms Fetch
text/html 34.107.189.147
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.nit.ro/a/1793?d=eyJocmVmIjoiaHR0cHM6Ly9naGVlZC5jb20vIiwidiI6OTIsImEiOmZhbHNlLCJzIjp0cnVlLCJjIjoiREUiLCJyIjoiQlkifQ%3D%3D
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.189.147 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 147.189.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cloud-trace-context: e7444a391d6692c79c79b761fa0911f1
date: Thu, 08 Feb 2024 16:57:54 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html

GET
H3 200 1.gif
s.nitropay.com/ 42 B
654 B 42ms
42ms Image
image/gif 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 405242
x-guploader-uploadid: ABPtcPp1zLwvw-RWNNq9FUAGhsoaePMTves-hdVfqqMDERF93hvukol2_nalV8tRogUuHTJ8OOw
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 42
x-goog-meta-
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
server: cloudflare
etag: "d89746888da2d9510b64a9f031eaecd5"
vary: Accept-Encoding
x-goog-generation: 1611305925409947
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 42
accept-ranges: bytes
cf-ray: 85256a1078889bcb-FRA
expires: Sun, 11 Feb 2024 00:23:52 GMT

GET
H3 200 close2.svg
s.nitropay.com/assets/ 305 B
803 B 50ms
50ms Image
image/svg+xml 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/close2.svg

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 2824443
x-guploader-uploadid: ABPtcPqZ76GQe6LI5f1Bjtn07KCjrhGiU0T6yPk3AASUIim_8JfGTLB_SY-aVXh7XhgSRhHJYi0dVg1XhQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
x-goog-meta-
last-modified: Wed, 08 Dec 2021 23:38:47 GMT
server: cloudflare
etag: W/"ca26e4a931ab434f475491bcab06132b"
vary: Accept-Encoding
x-goog-generation: 1639006727668923
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=tLOOxQ==, md5=yibkqTGrQ09HVJG8qwYTKw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 305
cf-ray: 85256a10788b9bcb-FRA
expires: Fri, 07 Feb 2025 16:57:54 GMT

GET
H2 200 gheed-logo-04-04.svg
gheed.com/static/assets/images/ 3 KB
1 KB 102ms
101ms Image
image/svg+xml 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/gheed-logo-04-04.svg
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5cb367f29a4f8ab0ff7b0b64558bd2b5893a8e6999cb9ac934389206c60e5c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:11:13 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 53201
etag: W/"a60-18d5befca10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: iQmVOIcTNHMilDEcVexvUubffd7vJWKu2rCcv_CyrSQJkdCqnyX93A==

GET
H2 200 homepage-banner-desktophd-screen.gif
gheed.com/static/assets/images/quicktour/ 231 KB
232 KB 102ms
101ms Image
image/gif 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/quicktour/homepage-banner-desktophd-screen.gif
Requested by: Host: gheed.com
URL: https://gheed.com/static/css/bundle.0ce2828b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: af2a10097ddd120c3087b270c680ac0fa649e9082e703858891d8a95460964e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/static/css/bundle.0ce2828b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:04:42 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 46392
etag: W/"39be2-18d5befca10"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 236514
x-amz-cf-id: pxUpAbaPyJtY_cZy7748L4bzMYdXTzqH8wRJPM3AMvpXuYEkvfmTgQ==

GET
H2 200 homepage-banner-desktophd-dots.gif
gheed.com/static/assets/images/quicktour/ 158 KB
158 KB 102ms
101ms Image
image/gif 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/quicktour/homepage-banner-desktophd-dots.gif
Requested by: Host: gheed.com
URL: https://gheed.com/static/css/bundle.0ce2828b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cd38db74bd133b1b47c14f004b1b1ffee5ce0538144e3feebb2501ce65b8f1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/static/css/bundle.0ce2828b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 04:04:42 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 46392
etag: W/"276ac-18d5befca10"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 161452
x-amz-cf-id: ISmn7ZM0C-_H1iIO8vBLfxNaja983zrRgVgTHC4yBTZWNcS0EpoHQA==

GET
H2 200 homepage-banner-desktophd.png
gheed.com/static/assets/images/quicktour/ 548 KB
549 KB 103ms
102ms Image
image/png 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/quicktour/homepage-banner-desktophd.png
Requested by: Host: gheed.com
URL: https://gheed.com/static/css/bundle.0ce2828b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7c4df1d603574437dff99d987e7839310830cf99e98d83b3e08d5a1b62060f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/static/css/bundle.0ce2828b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 06:34:40 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 37398
etag: W/"890a6-18d5befca10"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 561318
x-amz-cf-id: fz8iigWk0YpJrxa4clD_rJKnttIo2rmfJjLfBhtzrJXtcXdWVyBiaQ==

GET
H/1.1 200
OK vitablo-desktop.jpg
gheed-campaigns-prod.s3.eu-central-1.amazonaws.com/campaigns/banners/ 66 KB
67 KB 566ms
451ms Image
image/jpeg 3.5.134.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed-campaigns-prod.s3.eu-central-1.amazonaws.com/campaigns/banners/vitablo-desktop.jpg
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.134.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3fb022ad37c039c9c72c19446b7afe7ebb435e5bbbdfa68db34c7318391e82ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 16:57:55 GMT
x-amz-version-id: o_fLxqPw5hyU.6OGoBnA7QfcHGfMKdaU
Last-Modified: Tue, 30 May 2023 17:33:23 GMT
Server: AmazonS3
x-amz-request-id: H4XRBXYQBXTKPQV7
ETag: "c99e0ac2f328a2a1e9934a1388c673dd"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 68054
x-amz-id-2: BHotbTrI4cdq5K5LmAyb6QbxPHgOIn8QoHNi5zLvPzTytLhOfp44+viP2eS1ZNJ0dWsg1z+E79TMx/kDnhQTEA==

GET
H2 200 icomoon.ttf
gheed.com/static/assets/fonts/ 19 KB
10 KB 102ms
102ms Font
font/ttf 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/assets/fonts/icomoon.ttf?4mwllp
Requested by: Host: gheed.com
URL: https://gheed.com/static/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a8f966928d56817417b1ba8124f61f066febcc2fceedc04ec039868709a201ed

Request headers

Referer: https://gheed.com/static/assets/css/fonts.css
Origin: https://gheed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:38:40 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:17 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 51573
etag: W/"4a80-18d5befc628"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 1DN91-aEbwm6xmF6VJ4B8tZqAx00VwWW7snKfZxdOVMnLO80d4nvFg==

GET
H2 200 mostpopular Show response
gheed.com/prod/raffles/active/ 33 KB
34 KB 103ms
102ms XHR
application/json 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/raffles/active/mostpopular?limit=20&page=1&mode=preview&featured_included=true
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: fe260e82201ec8975fe66523807094ea3ec46215185c59d38775390867dad0f3

Request headers

Accept: application/json
Referer: https://gheed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:49 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 34143
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 5
x-amzn-requestid: 3adfde4b-7e5c-4aff-bf3f-e7e7bc2af0a0
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04x2Hq_liAECcg=
content-length: 34143
pragma: no-cache
x-amzn-trace-id: Root=1-65c5080b-1775377547da9667234e9fe9;Sampled=0;lineage=893bda22:0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: jIGn81j49clSsZI5DTj25qsLQbWhv0XfrCq8kKcKxOnnEeyp7sMd6w==
expires: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 93D3 45 KB
28 KB 31ms
30ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=5hzbxylrpvx

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5656ffe9c1bd3e00a3be7d688116ac1c165a3b9ba9c12a3ccb34b3e03d57f0d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Feb_6zvk-8obGnDSErn-Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Feb_6zvk-8obGnDSErn-Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Feb 2024 16:57:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 af54c5e82b4c88e65732.worker.js
gheed.com/static/js/ 16 KB
4 KB 15ms
15ms Other
application/javascript 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/static/js/af54c5e82b4c88e65732.worker.js
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: cecd55e4908c3aa4cebc320b0d8ff56f0784c97c4cf86761394ae8f2cc6cbb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 06:48:18 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:49 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 36576
etag: W/"3f61-18d5bf04328"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: VVV7Q5A9Wqnaeerd9pIvuM0WyfupazS0pQ18sEHmu5N2Ebcn0ycf-g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1621922322&t=pageview&_s=1&dl=https%3A%2F%2Fgheed.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=A%20giveaway%20a%20day%20keeps%20the%20doctor%20away!%20%40%20GHEED&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=1105967593&gjid=870108475&cid=1744413101.1707411474&tid=UA-119779375-1&_gid=241584529.1707411474&_r=1&_slc=1&z=1963711709

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gheed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Feb 2024 16:57:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gheed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/ 406 KB
138 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7430270068753912&plah=gheed.com&aplac=true&bust=31080970

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9ba4b9e15846669856a442c26814991cd8b1250e22cc70e4bec9e8885ec32ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141207
x-xss-protection: 0
server: cafe
etag: 6826191938512489796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 16:57:54 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/ Frame BB9A 9 KB
5 KB 57ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gheed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:20:54 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 17:20:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 state Show response
api.btloader.com/mw/ 40 B
168 B 153ms
118ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Feb 2024 16:57:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
vary: Origin
content-type: application/json

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 67ms
33ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1331913
x-guploader-uploadid: ABPtcPpS5tyPC2on7RE-mv4T3VD8-N-LcIkrvcK6KgOno_jfcNGSHxNRKePj7AMFx7k_dC4Sy8I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1qxacQBilNc0zoulgBr6HQKBqUl92otL%2Ftj4zvEeKwcCZzS1ZCjvDdiHnXpFnQYKVB9DEnRzFG7KCpB%2Fg2%2B%2BbwY9%2BkFYsCkSztszR7CjT8n1cmrfOyG0kDOWs5wGkXrH7iqXK4rqIOjXpRu0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 85256a12dad918ff-FRA
expires: Wed, 24 Jan 2024 07:46:27 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 42ms
8ms Image
image/x-icon 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 12:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Feb 2024 12:58:06 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
915 B 62ms
29ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.04963250656568352
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1331913
x-guploader-uploadid: ABPtcPpS5tyPC2on7RE-mv4T3VD8-N-LcIkrvcK6KgOno_jfcNGSHxNRKePj7AMFx7k_dC4Sy8I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePHY0otttwnd8Az6q5ES4%2FYZZSlvtUTrCoufa1ML7Vwy%2FSs9Pp6HrRlmhrTwPMs4eW9pmCqlcpGVao1uFjheRGeGlt%2Bvek%2BlIClsAA2KorXKPZMl%2FhgltX2KTjWiIjSYB1jhchxp6Sxv3yx4Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 85256a12dad718ff-FRA
expires: Wed, 24 Jan 2024 07:46:27 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 93D3 55 KB
24 KB 25ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=5hzbxylrpvx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 12:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 12:12:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 93D3 493 KB
196 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 10:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 10:26:21 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 109ms
60ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-119779375-1&cid=1744413101.1707411474&jid=1105967593&gjid=870108475&_gid=241584529.1707411474&_u=KEBAAEAAAAAAACAAI~&z=1141792108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gheed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Feb 2024 16:57:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gheed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0b8706be-3e21-497e-b534-6b4f0e0535ec
gheed.com/prod/images/ 247 KB
248 KB 29ms
23ms Image
image/png 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/0b8706be-3e21-497e-b534-6b4f0e0535ec?variant=520x416
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: d473ceac029d533863f956c9afa9cf569d7610a13ca8eccd4a3d05c6e1eca187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:55:41 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 253036
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 133
x-amzn-requestid: d682a5c5-9271-458b-9540-69806f33832e
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04eJGw-liAEYtw=
content-length: 253036
pragma: no-cache
x-amzn-trace-id: Root=1-65c5078d-5462535127b2cc9b371ed929;Sampled=0;lineage=893bda22:0
content-type: image/png
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: IXjr0w6NP63-AYitf0pMMLGRJi5oYwgPc25NsHaY7EgmBGqE2bymfw==
expires: 0

GET
H2 200 e087ed3a-0530-46df-8b81-208e309e5899-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 10 KB
11 KB 97ms
16ms Image
image/png 2600:9000:20a0:e000:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/e087ed3a-0530-46df-8b81-208e309e5899-profile_image-300x300.png
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:e000:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1ae7972581ced54424e9da6c1c0f19faeb053426c136eead1ccace3dd957d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:53:43 GMT
via: 1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 7897
x-cache: Hit from cloudfront
content-length: 10429
last-modified: Wed, 20 Jan 2021 15:25:41 GMT
server: nginx
etag: "4e05bbd84d3d8b37ee43a82fc7606768"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: eNCs5YwpbNkKNC0UVIvRjNRiLCnZoGq965nXImv3pP9JIbsxhTQhZQ==
expires: Thu, 08 Feb 2024 18:46:17 GMT

GET
H2 200 1f618ad3-aa15-41ea-9a5c-ad3d4e67eb2a
gheed.com/prod/images/ 315 KB
315 KB 14ms
9ms Image
image/png 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/1f618ad3-aa15-41ea-9a5c-ad3d4e67eb2a?variant=520x416
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: 72867b3303fe71ae85f0fbcb0f0d3d62ca9d1ae8b150b777da7987de6536344d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:55:47 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 322106
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 127
x-amzn-requestid: f86bf533-cba3-481b-a780-caff87c5dc9d
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04fIHBlFiAETtw=
content-length: 322106
pragma: no-cache
x-amzn-trace-id: Root=1-65c50793-38bd38fe235f60316d37763c;Sampled=0;lineage=893bda22:0
content-type: image/png
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: 5343YWqmDJeeEKGmcSe2nLc0dYL8ojYzsxnUPvhMDk0zRiRVwHS-4Q==
expires: 0

GET
H/1.1 200
OK original.png
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/892c3e2d-4da5-4e7b-bc97-c2cfbfda0240/ 4 KB
4 KB 67ms
26ms Image
image/png 52.219.140.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/892c3e2d-4da5-4e7b-bc97-c2cfbfda0240/original.png
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.140.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6289be0c53b8faf3abc72de71de8b8bdb8e5dd86da138278e8d9d555a4c710b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 16:57:55 GMT
Last-Modified: Wed, 30 Nov 2022 18:12:07 GMT
Server: AmazonS3
x-amz-request-id: H4XVFQV94XQNFB70
ETag: "879a3a969fa7870ac2fe54197f1a22f1"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3702
x-amz-id-2: U8aU0NBnjcywBZ8q8DUqZwFu/k9g9nnvHjehAyXuj6a0ddt7LHTVP4xgkaxmCDhFXIMErjt2F74=

GET
H2 200 1d32f904-801e-4db6-93e7-f03d5d55201e
gheed.com/prod/images/ 20 KB
20 KB 14ms
9ms Image
image/jpeg 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/1d32f904-801e-4db6-93e7-f03d5d55201e?variant=520x416
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: ee3f0802288edc0b252dcb7cf4863ac15cba5e4385334b22d333df78fd865d57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:55:47 GMT
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 20374
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 127
x-amzn-requestid: 6050f91e-c90b-4c4e-a386-ac778d7edf41
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04fIHQ6FiAEUyw=
content-length: 20374
pragma: no-cache
x-amzn-trace-id: Root=1-65c50793-1754fcfc1d093c3a5ca4f96d;Sampled=0;lineage=893bda22:0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: _buaBvQyp0K0G-y8Ew6nRYS8O6X8kUz7IyAcFDX4HJ6sl9AW6YUJwQ==
expires: 0

GET
H/1.1 200
OK original.PNG
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/9e162728-516f-4a5b-81d9-200ca72be752/ 154 KB
154 KB 66ms
25ms Image
image/png 52.219.140.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/9e162728-516f-4a5b-81d9-200ca72be752/original.PNG
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.140.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 586c622de1b8d37cb2587d61e8ceb6115e75ec827fe1dea61ae173e0d36d1caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 16:57:55 GMT
Last-Modified: Wed, 10 Jan 2024 15:08:52 GMT
Server: AmazonS3
x-amz-request-id: H4XSTK9FC053DSMR
ETag: "31ef3e7169faea2a5ec200644d605074"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 157226
x-amz-id-2: 6lrJyCdMV+U9JYux9LiSEborQj6kc/Nmp3t/OJTktyDQYTcQJNrBPIxbcoF4QpA4ng1/10yZPnc=

GET
H2 200 d70297ea-a3d7-413c-acee-16c7327a0cf8
gheed.com/prod/images/ 16 KB
17 KB 13ms
8ms Image
image/jpeg 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/d70297ea-a3d7-413c-acee-16c7327a0cf8?variant=520x416
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: 5b3a279eefdb01f3814848d8ed3e5be567dee589c2e77b715c15e30d076ffb16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:55:47 GMT
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 16880
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 127
x-amzn-requestid: 367d5389-9c9b-4909-b7d9-ba4ff3dc327b
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04fIHOZliAEU1A=
content-length: 16880
pragma: no-cache
x-amzn-trace-id: Root=1-65c50793-60752a5c4d18835315ccd3d2;Sampled=0;lineage=893bda22:0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: omrhkhUrp2tnrJraCqlAV5C9pq0iKxHRpJsTVlMudGD5zz1tY7Rldg==
expires: 0

GET
H2 200 ef53de39-9270-491a-b700-21c7bf0e6eb2-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 65 KB
66 KB 98ms
19ms Image
image/png 2600:9000:20a0:e000:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/ef53de39-9270-491a-b700-21c7bf0e6eb2-profile_image-300x300.png
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:e000:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 63776762994d24f9b482def41af3f0b7050f3c3f2134b6e8dc79b3b888eaa058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:28:49 GMT
via: 1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 12556
x-cache: Hit from cloudfront
content-length: 66914
last-modified: Tue, 16 Aug 2022 12:00:22 GMT
server: nginx
etag: "85fe102d80d55d45a50ca18cc57c5670"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: kABbuQdR0KT0HpkxLAliE6Eq2gsEAawT1F3KmKT5yHSWB2LqXEObOA==
expires: Thu, 08 Feb 2024 17:28:37 GMT

GET
H2 200 7f2668db-a43b-413a-aff2-04699f51864f
gheed.com/prod/images/ 15 KB
15 KB 13ms
9ms Image
image/jpeg 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/prod/images/7f2668db-a43b-413a-aff2-04699f51864f?variant=520x416
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: 1c6874c42cef490521ce803257613dbe48f1928860a79763465aa38715fb77eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:55:47 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 15194
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 127
x-amzn-requestid: cdffce22-65db-4744-8e9f-0adfc64f6ae1
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04fIENVFiAES7w=
content-length: 15194
pragma: no-cache
x-amzn-trace-id: Root=1-65c50793-15912d4f4d9d535f53352404;Sampled=0;lineage=893bda22:0
content-type: image/jpeg
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: 6Wah2VA9cJYuFMYPDvH0I3jdj76TXZyD7dTKzeFDzu8ngssxImsu8w==
expires: 0

GET
H/1.1 200
OK original.jpg
s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/06ca9e3d-d0bb-42a7-b3b7-9e15ff0b5f62/ 12 KB
13 KB 64ms
24ms Image
image/jpeg 52.219.140.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/gheed-service-prod-media/images/users/06ca9e3d-d0bb-42a7-b3b7-9e15ff0b5f62/original.jpg
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.140.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d9f3bc5235b2bd13291f9d0cbee5f33296842955ba4040c71abd0b5ab641d359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 16:57:55 GMT
Last-Modified: Mon, 15 Jan 2024 08:38:53 GMT
Server: AmazonS3
x-amz-request-id: H4XXAZ7C0S1QBVDQ
ETag: "3164f73e5cbac8095cf8c4a0af3c089f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 12664
x-amz-id-2: 1aNXnukwKs6M0f/4qh/RbRLk9FSBSeHJbmwwESAMLi45niMbaR/21XMSElshhiLX0MeCI0I62/8=

GET
H2 200 39dec03b-220e-4158-b373-5be3cc950efc-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 83 KB
83 KB 104ms
26ms Image
image/png 2600:9000:20a0:e000:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/39dec03b-220e-4158-b373-5be3cc950efc-profile_image-300x300.png
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:e000:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f3b2913aa914abb04511dcba27c910ca774e7dcfd551b9e24228e61203da30e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:53:42 GMT
via: 1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 7663
x-cache: Hit from cloudfront
content-length: 84554
last-modified: Tue, 03 Dec 2019 19:38:14 GMT
server: nginx
etag: "c4b65eb7b06ad2369d6dcaf848bf1c88"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: RdeS3qVAlBi5PEN3ABbMmWt3-jBgwmVKGvYZiUqTDItuJnKm0PBZGA==
expires: Thu, 08 Feb 2024 18:50:10 GMT

GET
H2 200 platzhalter-avatar.jpg
gheed.com/static/assets/images/ 7 KB
7 KB 26ms
23ms Image
image/jpeg 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gheed.com/static/assets/images/platzhalter-avatar.jpg
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 44225736796441f4acca94ef564227055369cb6f1109a5ca7a57bcb514cc744c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 05:49:38 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 19:54:18 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-P2
age: 40096
etag: W/"1a60-18d5befca10"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 6752
x-amz-cf-id: JQ0Y00Lrf8Hj2KHrozEPJzLWelnLO9OIisSTvmprYknAtlQrH55oMw==

GET
H2 200 10771f69-763e-4ef0-80bf-b4f6f4df161a-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 94 KB
95 KB 107ms
29ms Image
image/png 2600:9000:20a0:e000:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/10771f69-763e-4ef0-80bf-b4f6f4df161a-profile_image-300x300.png
Requested by: Host: gheed.com
URL: https://gheed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:e000:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 17d6c8781fdaba510d243265218603d671b75bc48f14e48257ee41b6d32b612b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 12:58:11 GMT
via: 1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 14383
x-cache: Hit from cloudfront
content-length: 96491
last-modified: Sun, 29 Mar 2020 15:55:59 GMT
server: nginx
etag: "43c30cb5fd30ca3d8f674aa74ca32799"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: yfiK09tkfUJz89vjgZPp2OsiqdW3vMRjgTruRHnwf8z0RyyeKxGCKQ==
expires: Thu, 08 Feb 2024 16:58:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 38ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-44D3TFEWMP&gtm=45je4250v9106762326za200&_p=1707411473617&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=1744413101.1707411474&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707411474&sct=1&seg=0&dl=https%3A%2F%2Fgheed.com%2F&dt=A%20giveaway%20a%20day%20keeps%20the%20doctor%20away!%20%40%20GHEED&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1090
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44D3TFEWMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Feb 2024 16:57:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gheed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402050101/ 436 KB
137 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402050101/pubads_impl.js?cb=31080925

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2591678fad53984444b2ac01da6b320f0f4262b759dd6e7e308961c369e18bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73537
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 8632381593817151086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 20:32:17 GMT

GET
H2 200 additional-consent-providers.csv Show response
consent.nitrocnct.com/ 116 KB
36 KB 65ms
25ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-dae8ef5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505097
x-guploader-uploadid: ABPtcPrpM71jXVgEvqzBDBFXl0fX3FgLF3wA1_C1yOLp-xLot7PCj12-0FZcTOQF2YOsMQb5gDPIObs2qA
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
server: cloudflare
etag: W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary: Accept-Encoding
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation: 1689147090287559
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0zjHbZ%2FkjnRsifD%2BwnODBdpfGgQHX%2B%2BRle2EXJLmg%2B4L%2BtUqNkT7uVAVrVsIc%2FG9g%2FaIEC0fU5WCQtqkUVW6mM%2Bn3y79MFp1GN6y4nucDAVSq2wFCJli05H%2F0sIRjrSGyYIG6qY1qReBH0%2F%2FarzZec7O%2FY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 119221
cf-ray: 85256a140d851e4a-FRA
expires: Fri, 09 Feb 2024 20:02:54 GMT

GET
H2 200 vendor-list-v3.json Show response
consent.nitrocnct.com/ 568 KB
71 KB 61ms
22ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/vendor-list-v3.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-dae8ef5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e4a09b017b0438191cda12442fa36ccef724b19d6c7fb5e3dea10f049e682c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156174
x-guploader-uploadid: ABPtcPpGJHWxkLx7ZaZSYwpitwXVwDBoYbVwpXeIv09wI-ixTZlYxJy5oGWGQ_MxZFIH6KFw3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Feb 2024 16:15:03 GMT
server: cloudflare
etag: W/"4fd1fa602efd82bce51bdba72291512f"
vary: Accept-Encoding
x-goog-hash: crc32c=28u3xA==, md5=T9H6YC79grzlG9unIpFRLw==
x-goog-generation: 1706804103072767
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIZz8ewirNOl1Jf0VZEj2pN%2F%2FZR4SDeKxnslJq6uMwrb8Ky7vOO%2BkGQDW82w9NPGn1HCS9uNwvUn%2FbdKkQsgqSXTcCUPEEA1U1yfZz2SiPY1ZzrAybI0tkNZMez98rZ4IBttF1aKd6XnDhx7LMF8bBET80o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 581975
cf-ray: 85256a140d881e4a-FRA
expires: Tue, 13 Feb 2024 20:41:52 GMT

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame 93D3 17 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=5hzbxylrpvx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:04:06 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 93D3 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 248460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 12 Feb 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 93D3 15 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 581458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 93D3 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:44:28 GMT
x-content-type-options: nosniff
age: 533606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 12:44:28 GMT

GET
H3 200 lang.png
s.nitropay.com/cmp/ 2 KB
2 KB 20ms
19ms Image
image/png 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/lang.png

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 2672
x-guploader-uploadid: ABPtcPoJbP0rE9P7eElcQq2PcjhojWPMi7UVItSLW456yKRsXZVtQP15LE-awdNty0-Qa6Webik
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1887
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
vary: Accept-Encoding
x-goog-generation: 1666344058779792
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 85256a14b8759bcb-FRA
expires: Thu, 08 Feb 2024 16:43:27 GMT

GET
H3 200 cancel.png
s.nitropay.com/cmp/ 1 KB
2 KB 20ms
20ms Image
image/png 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/cancel.png

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 629
x-guploader-uploadid: ABPtcPpUEInLQs-UUxKal84kEmOZTOTRxSazOStrNxi1fUoUl--3lYZo3UMcuOrJq5uj-gnUb1k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1302
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
vary: Accept-Encoding
x-goog-generation: 1666344058825998
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 85256a14b8779bcb-FRA
expires: Thu, 08 Feb 2024 17:22:26 GMT

GET
H3 200 logo.png
s.nitropay.com/cmp/ 3 KB
3 KB 21ms
20ms Image
image/png 2606:4700::6812:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/logo.png

Requested by

Host: gheed.com
URL: https://gheed.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:34e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gheed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 3352
x-guploader-uploadid: ABPtcPpWiiCxkU3ua67-fxOt__-eF9Ks6opK_6SQ9on3ws8JpcRhY9durpdF6M5bcGfik4IfxS2M2ycCUg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2592
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
vary: Accept-Encoding
x-goog-generation: 1666344058842900
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 85256a14b87b9bcb-FRA
expires: Thu, 08 Feb 2024 17:02:02 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 93D3 102 B
135 B 17ms
16ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LektVwUAAAAAKWZHtZYIAwbcP-F0NCL4CzpXSwm&co=aHR0cHM6Ly9naGVlZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=5hzbxylrpvx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 08 Feb 2024 16:57:54 GMT

GET
H2 200 categories Show response
gheed.com/prod/ 2 KB
3 KB 9ms
9ms XHR
application/json 18.66.97.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gheed.com/prod/categories
Requested by: Host: gheed.com
URL: https://gheed.com/static/js/vendors.add763cf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-108.fra56.r.cloudfront.net
Software: /
Resource Hash: 84dd8d71b036cbe1ef3e4ae52117f15aaca29130b47d883933b0048b53a45e78

Request headers

Accept: application/json
Referer: https://gheed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:54:02 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront), 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 2384
x-amz-cf-pop: FRA56-P6, FRA56-P2
age: 233
x-amzn-requestid: 229caa89-9f18-43f2-8c70-56c1d9b971a1
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
x-amz-apigw-id: S04OkFf4FiAEPKQ=
content-length: 2384
pragma: no-cache
x-amzn-trace-id: Root=1-65c50729-1fc9e0ee1303f21169d6f782;Sampled=0;lineage=893bda22:0
content-type: application/json
x-country: DE
cache-control: public, max-age=0
x-amz-cf-id: UT7XhoCmTO9VcENZJQMhSIIQnawdkNEu31uIZM4sGK9OGWSSFykilw==
expires: 0

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: HnEzGpfqK1s
.youtube.com/	1970-01-20 22:36:03	Name: VISITOR_INFO1_LIVE Value: vP0OKdabYMY
.nitropay.com/	1970-01-20 18:16:53	Name: __cf_bm Value: zNDrAyEmKe0G2blk4l1oj0bvWea434TvpNhr1xqoWeM-1707411473-1-AbKBTx5r2Y2yeUrWqRVBG7D+Be+CYHmqoLx4ssKf5sLgDFkef1kWVXRN3mGYN4u7gk/XXcJunxf1fetrpFjtlSY=
.gheed.com/	1970-01-20 18:18:17	Name: _gid Value: GA1.2.241584529.1707411474
gheed.com/	1969-12-31 23:59:59	Name: BannerRotationStart Value: 0
.gheed.com/	1970-01-20 18:16:51	Name: _gat Value: 1
.gheed.com/	1970-01-21 03:52:51	Name: _ga_44D3TFEWMP Value: GS1.1.1707411474.1.0.1707411474.0.0.0
.gheed.com/	1970-01-21 03:52:51	Name: _ga Value: GA1.1.1744413101.1707411474
.gheed.com/	1970-01-21 03:02:27	Name: ncmp.domain Value: gheed.com

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gheed.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
consent.nitrocnct.com
embed.twitch.tv
fonts.googleapis.com
fonts.gstatic.com
gheed-campaigns-prod.s3.eu-central-1.amazonaws.com
gheed.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
region1.google-analytics.com
s.nitropay.com
s3.eu-central-1.amazonaws.com
securepubads.g.doubleclick.net
static-cdn.jtvnw.net
stats.g.doubleclick.net
syndication.twitter.com
t.nit.ro
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypalobjects.com
www.youtube.com
104.244.42.8
130.211.23.194
142.250.186.38
146.75.118.167
18.66.97.108
18.66.97.8
192.229.221.25
2001:4860:4802:32::36
2600:9000:20a0:e000:19:f28c:cd92:c761
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:4bd8
2606:4700:20::ac43:4513
2606:4700::6812:34e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9b
2a06:98c1:3121::3
3.5.134.169
34.107.189.147
52.219.140.35
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
016c5b62416cd665b7d8881e95359c1eeb84590305cad08ab9cfef2f0ffdb002
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
17d6c8781fdaba510d243265218603d671b75bc48f14e48257ee41b6d32b612b
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c6874c42cef490521ce803257613dbe48f1928860a79763465aa38715fb77eb
266a29bf57b54d51f7289747197132d43179b4f024d61069dbaea01da8012d13
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3c052c239f112d8a87865f56d70dfe3c0cd53ad2ac9e9c53f5697b06eb3d4a9c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f3b2913aa914abb04511dcba27c910ca774e7dcfd551b9e24228e61203da30e
3fb022ad37c039c9c72c19446b7afe7ebb435e5bbbdfa68db34c7318391e82ac
44225736796441f4acca94ef564227055369cb6f1109a5ca7a57bcb514cc744c
44e0c963d0acc047954eb06262c78403e3dd5459b192c1f18e93c2cdf5a97c22
5656ffe9c1bd3e00a3be7d688116ac1c165a3b9ba9c12a3ccb34b3e03d57f0d1
586c622de1b8d37cb2587d61e8ceb6115e75ec827fe1dea61ae173e0d36d1caf
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3a279eefdb01f3814848d8ed3e5be567dee589c2e77b715c15e30d076ffb16
5cb367f29a4f8ab0ff7b0b64558bd2b5893a8e6999cb9ac934389206c60e5c49
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
6289be0c53b8faf3abc72de71de8b8bdb8e5dd86da138278e8d9d555a4c710b7
62e4a09b017b0438191cda12442fa36ccef724b19d6c7fb5e3dea10f049e682c
63776762994d24f9b482def41af3f0b7050f3c3f2134b6e8dc79b3b888eaa058
658d3b1ee2935a51623d0fa23bcf4d68c00fc12ae68c077d99a297f1e5020e5e
67617a63e4b3c5921085d11b8db467f81262b155eb5a1cd6b189bafa80f4d108
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5514dd5f760e2714edb536c829430c39fed57d053b1df322029649d049bacb
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70d791d587d64a5694f37ce7927a71f38d4b8d7b0c643a51d6ceeb3d26201e30
72867b3303fe71ae85f0fbcb0f0d3d62ca9d1ae8b150b777da7987de6536344d
76f0996d75f68df4a579a5eecbd5be46649a6830ba1428072869efc35502adc1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c4df1d603574437dff99d987e7839310830cf99e98d83b3e08d5a1b62060f3e
84dd8d71b036cbe1ef3e4ae52117f15aaca29130b47d883933b0048b53a45e78
862da7a63ed8c7a0ff4fdfe2df7678c4739d6f49dc38eee1067b245553dc9119
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
95cae09e62836c1f790e1f48b641d319794578f00368eb2133d21276bc5183ce
96469ec71636303e1b8e7ca9369b3fa55a2cf1712c9cb1a5b2064381522cae6f
976e48336d2ca958400d30d5fe1c24a539c1b0bd8a603078e883e78d30db0884
9a2a5fcd0f66d86a0cadf7b220ee593486d023bce483ef7fe681c58111817fbf
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9e7b1c3d14a6f4ae83d6903e1ca998accc6340c86db646945fc4f7ae41343cfb
a1ae7972581ced54424e9da6c1c0f19faeb053426c136eead1ccace3dd957d0f
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
a8f966928d56817417b1ba8124f61f066febcc2fceedc04ec039868709a201ed
aa0aada780a363a924b2c5b541f3e89dc7c2e69c6b400258aee7c9735c36bf5f
aec539715dd6d27a2c98b2ccac35cf08801b412cf8ee2c6f9bed1a904f8a7431
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2a10097ddd120c3087b270c680ac0fa649e9082e703858891d8a95460964e5
b9ba4b9e15846669856a442c26814991cd8b1250e22cc70e4bec9e8885ec32ec
bfe3354ded84fa5567f186eadd4481a3269a9478cacf907d0c40e8d4a0a43589
c2591678fad53984444b2ac01da6b320f0f4262b759dd6e7e308961c369e18bd
c3985d2656defd92206744eeba08170f10704a91507485fdfa8ca2d72f542a6d
c68eacb383629cf30559eb8ddd4f957df1b5190a9b5c6a5ba198dd7eeb873dec
cd38db74bd133b1b47c14f004b1b1ffee5ce0538144e3feebb2501ce65b8f1e8
cecd55e4908c3aa4cebc320b0d8ff56f0784c97c4cf86761394ae8f2cc6cbb2f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d473ceac029d533863f956c9afa9cf569d7610a13ca8eccd4a3d05c6e1eca187
d716c97ecb7fdf23a8e7d9a8f58590a7978db39aed5d8f8dc091e227a4d6e313
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9f3bc5235b2bd13291f9d0cbee5f33296842955ba4040c71abd0b5ab641d359
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfdcc2bd0f3e869c5be6e5a6b300a4a5519bb7e6f2b5aad0744acaeee2c30bc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ee3f0802288edc0b252dcb7cf4863ac15cba5e4385334b22d333df78fd865d57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ac4c7dee0700961ca2565b269df2b9a806e198b912a12fb48e60fd96c37979
fd3c29a0d7bef211ff305c707300d6752136c25b1cd189b3fe43235d610a2a8d
fe260e82201ec8975fe66523807094ea3ec46215185c59d38775390867dad0f3

gheed.com Open in urlscan Pro 18.66.97.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

64 %IPv6

19 Domains

27 Subdomains

27 IPs

3 Countries

4511 kBTransfer

10150 kBSize

9 Cookies

5 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gheed.com Open in urlscan Pro
18.66.97.108 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

64 %
IPv6

19
Domains

27
Subdomains

27
IPs

3
Countries

4511 kB
Transfer

10150 kB
Size

9
Cookies

76 HTTP transactions
0 data transactions