Submitted URL: https://f0r.co/XivRy
Effective URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData...
Submission: On December 02 via manual from EG — Scanned from DE

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 81 HTTP transactions. The main IP is 2606:4700::6812:1591, located in United States and belongs to CLOUDFLARENET, US. The main domain is act.fordeal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2021. Valid for: a year.
This is the only time act.fordeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
19 | tr.snapchat.com | sc-static.net
8 | gw.fordeal.com | s4.forcloudcdn.com
7 | s3.forcloudcdn.com | f0r.co, act.fordeal.com, s3.forcloudcdn.com
6 | www.googletagmanager.com | s4.forcloudcdn.com, www.googletagmanager.com
5 | s4.forcloudcdn.com | act.fordeal.com
4 | www.google.de |
4 | www.google.com |
3 | api2.branch.io | cdn.branch.io
3 | googleads.g.doubleclick.net | www.googleadservices.com
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
3 | connect.facebook.net | s4.forcloudcdn.com, connect.facebook.net
2 | client-metrics.fordeal.com | s4.forcloudcdn.com
2 | www.facebook.com |
2 | dot.fordeal.com | s4.forcloudcdn.com
2 | dot-hub-x.fordeal.com | s4.forcloudcdn.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.googleadservices.com | www.googletagmanager.com
1 | app.link | cdn.branch.io
1 | cdn.branch.io | s4.forcloudcdn.com
1 | sc-static.net | s4.forcloudcdn.com
1 | act.fordeal.com | f0r.co
1 | f0r.co |
81 | 22

This site contains no links.

Subject | Issuer | Validity | Valid
*.f0r.co | R3 | 2021-10-09 - 2022-01-07 | 3 months
fordeal.com | Cloudflare Inc ECC CA-3 | 2021-07-10 - 2022-07-09 | a year
forcloudcdn.com | Cloudflare Inc ECC CA-3 | 2021-06-20 - 2022-06-19 | a year
sc-static.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-11 - 2022-02-15 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-11 - 2021-12-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.branch.io | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-27 - 2022-11-27 | a year
appipv4.link | Amazon | 2021-06-24 - 2022-07-23 | a year
tr.snapchat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-19 - 2022-01-23 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months

This page contains 11 frames:

Primary Page: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Frame ID: DBF1AF3CC741B4A065BC4C89A06D8FAB
Requests: 71 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=594717e0-8d76-4661-ba73-cab202295bb0
Frame ID: 3FE659E4F469CA2CBFDFC58AC294B6E0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AB99ED6DB63036E1AA80FB23A35CE41B
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 437F75C1F619697F714A6DA7A8EFF44C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: C043180BCD86EF428A89DE8D2B3DCA2C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 5801A03F844807F016FCC7B3B0B149C1
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 069B8368313BFE9D630FEF2E76A86EB5
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: DBC923778E5299AF216A77A127E2D96D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 306A3EC610B500CE7285E183BA94D3FE
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: BE001937B6B69CFF2ABEECE0CF0258A2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 98B8435AD8A4F9843EEC03808D24653C
Requests: 1 HTTP requests in this frame

Page Title

iPhone13 free for you

Page Statistics

Requests: 81
HTTPS: 99 %
IPv6: 78 %
Domains: 15
Subdomains: 22
IPs: 19
Countries: 3
Transfer: 789 kB
Size: 2012 kB
Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://f0r.co/XivRy Page URL
  2. https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
XivRy
f0r.co/
2 KB
2 KB
Document
General
Full URL
https://f0r.co/XivRy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 02 Dec 2021 23:12:48 GMT
content-type
text/html;charset=UTF-8
refresh
2;url=https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
content-language
de-DE
x-envoy-upstream-service-time
8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b783dfdff765a13-MXP
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif
s3.forcloudcdn.com/dmc/
0
0

Primary Request award
act.fordeal.com/act/game/share/
5 KB
2 KB
Document
General
Full URL
https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Requested by
Host: f0r.co
URL: https://f0r.co/XivRy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d60422568a4400a883eda7631ca5ab95a317422b48ed4b2fc7d1389322ed3e5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f0r.co/

Response headers

date
Thu, 02 Dec 2021 23:12:48 GMT
content-type
text/html;charset=utf-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b783e00dc4d0e0e-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
index.css
s4.forcloudcdn.com/-/libs/fd-base-style/1.3.2/base.css,libs/fd-lego-base/1.2.7/
22 KB
13 KB
Stylesheet
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-base-style/1.3.2/base.css,libs/fd-lego-base/1.2.7/index.css
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40a0f58b1a580d3a19f606a7babec916e4b1a881e14d5df77385ed754001b7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
HIT
age
2672
cf-polished
origSize=22879
x-cache-status
MISS
last-modified
Tue, 27 Oct 2020 02:36:41 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"595f-t0WJvawEBzCeNBAzKHT2Nqg/Hs4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=691200
cf-ray
6b783e04692d1f51-FRA
expires
Fri, 10 Dec 2021 23:12:49 GMT
82f8d64f6ce82a8c9007914ad698135e.css
s3.forcloudcdn.com/assets/lego/
49 KB
14 KB
Stylesheet
General
Full URL
https://s3.forcloudcdn.com/assets/lego/82f8d64f6ce82a8c9007914ad698135e.css
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332973622c708bc1f05e074d340d93af4d334bac6489763c2e54044a48b3d65c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
HIT
age
1197997
cf-polished
origSize=50476
last-modified
Fri, 19 Nov 2021 02:21:53 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
33PD630FD31TY6W1
x-amz-id-2
en4RFyxkhrelpPHvuKLfYEx6maYIsTl/tBudTl56ILTBemuEBiHYKOJCSwz1c2CmLSflHBY2FPA=
cf-bgj
minify
server
cloudflare
etag
W/"ea2c0d4cdc15d23c05ff1134eddd40f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=691200
x-amz-version-id
yalVE4_7Kl4vsxvi7mAK.EwLj35Q2SmM
cf-ray
6b783e0438fd1f51-FRA
expires
Fri, 10 Dec 2021 23:12:49 GMT
js.cookie.js
s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/
89 KB
32 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ef62d069bde5ebf307ef322360dbf9ef2b92fe6d41dd2b9fe878d7cdc618e6

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
HIT
age
3592
cf-polished
origSize=92431
x-cache-status
HIT
last-modified
Tue, 19 May 2020 09:17:47 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"1690f-/CdX3X8PoeW9zGmHP0jxNr5ixzs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6b783e046c3f375e-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
trackerUtils.js
s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.4.4/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/
52 KB
18 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.4.4/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/trackerUtils.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238a7270b003c437ead346657a0d1c4e602a21f0e87ad38411bcd1444de8ea2f

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=53675
x-cache-status
MISS
last-modified
Thu, 18 Nov 2021 05:30:47 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"d1ab-Gy0VT5U/C1Q4rNaQ98xgDXVngZ8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6b783e046c3e375e-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
promotion.js
s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/...
135 KB
38 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61c7b2c86c0509211a8fac185c25ce0df5e72975726a8bd844569f03c26fa36

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=138655
x-cache-status
MISS
last-modified
Thu, 18 Nov 2021 07:45:42 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"21d9f-zUemTw/wGIcQ+H6f8WuuV6hD87Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6b783e046c40375e-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
native-external.js
s4.forcloudcdn.com/-/libs/fd-mipha-core/2.6.5/app.js,libs/fd-lego-base/1.2.7/index.js,libs/fd-native-app/1.2.15/
20 KB
6 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-mipha-core/2.6.5/app.js,libs/fd-lego-base/1.2.7/index.js,libs/fd-native-app/1.2.15/native-external.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9eae8ce3766ca15b3256cf4dc0ce627d5abb9bffc230c67db6b49b3cc4eb8

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=20107
x-cache-status
MISS
last-modified
Thu, 18 Nov 2021 04:21:37 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"4e8b-dvdRtIJ2o4JfSzUaFoNjx7hVTq0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6b783e046c41375e-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
82f8d64f6ce82a8c9007914ad698135e.js
s3.forcloudcdn.com/assets/lego/
118 KB
33 KB
Script
General
Full URL
https://s3.forcloudcdn.com/assets/lego/82f8d64f6ce82a8c9007914ad698135e.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%2FPefClvampYNMkhHw%3D%3D&act_promotion_short_url=116522&act_share_lan=en&act_share_region=QA&act_promotion_appid=0&lan=en&cur=QAR&luckyNumber=2952&bgColor=%236e8ef5&navigation=none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9870e8bf7c76563c1af2f454b2ce4f957ac7c218fe52de78bce3a50895acf5

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
778427
last-modified
Fri, 19 Nov 2021 02:21:53 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
33P4CRW60827C30Y
x-amz-id-2
5zOQBs5+df39/WOCTAinIVA7PQem3Q5dULHZZytOCAluftSXDROZVzme/uq4CJImVdSMCr0FTFY=
cf-bgj
minify
server
cloudflare
etag
W/"471a1cd7dc473c77825256167ddf502e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
6000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
x-amz-version-id
giJ4.uMwWKkPI0gSWwf8mHGkvLbUKdVU
cf-ray
6b783e045c22375e-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
dotRecords
dot-hub-x.fordeal.com/api/v2/ Frame
0
0
Preflight
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://act.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
access-control-allow-origin
https://act.fordeal.com
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b783e06bf943751-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
gw.fordeal.com/gw/dwp.horizon.config/
409 B
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?data=%7B%22key%22%3A%22h5TrackerConfig%22%7D&gw_ver=1&plat=h5&ct=1638486769426&appname=fordeal&sign=15b1fc9da80b0753f65fa10bc6a75e93
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a487790e4892450950c5c1b65d0fb9d0de84ae718044504d004044e6ded8be04
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
0
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
8
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-base-horizon-prod-017184
gw-st
1638486769606
cf-ray
6b783e05cc630e0e-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.4898b7e3c42741ff8d62300817ed62b9.265.16384867695980546
1
gw.fordeal.com/gw/dwp.carnival.queryActResult/
1 KB
914 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.carnival.queryActResult/1?data=%7B%22activityId%22%3A110908%7D&gw_ver=1&plat=h5&ct=1638486769437&appname=fordeal&sign=6d796489ffda26200d379c20832598ef
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64be9eb2e086ff3ae0e543c4d251c2483e473371ab777ae19ea95ee8fc667724
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
21
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
23
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-promotion-carnival-prod-026122
gw-st
1638486769637
cf-ray
6b783e05cc670e0e-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.99a597d44817400c9f1f381e759cc0bf.131.16384867696148215
1
gw.fordeal.com/gw/dwp.cheetah.get/
4 KB
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.get/1?data=%7B%22pid%22%3A%22113608%22%7D&gw_ver=1&plat=h5&ct=1638486769439&appname=fordeal&sign=a0f5bfa87ad263e8c19549d062baf6e3
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dcc730588cb221b4a77a6b97a2be924303e9a15cf7ecf33551d9f6ae71f159a
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
9
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
13
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-base-cheetah-prod-016056
gw-st
1638486769620
cf-ray
6b783e05cc650e0e-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.d2514778e4394e87a07b956012024438.196.16384867696073061
dotRecords
dot-hub-x.fordeal.com/api/v2/
32 B
448 B
XHR
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6b783e0739853743-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dotRecord
dot.fordeal.com/api/
32 B
219 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotRecord
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6b783e077f360e0e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
gw.fordeal.com/gw/dwp.growth-api-svr.attribution-form/
84 B
425 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.growth-api-svr.attribution-form/1
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:1591, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
99fe5b992fef63317f47c9dddcb6bfae6f6ed983cf809a4181b7c6da8a334728
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
2
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
4
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-growth-attribution-service-prod-029039
gw-st
1638486769635
cf-ray
6b783e05cc5e0e0e-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.6dcedcb159894a68a5a63a1c2354e804.130.16384867696311358
1
gw.fordeal.com/gw/dwp.horizon.config/
879 B
637 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?data=%7B%22key%22%3A%22FE.pixel.mobile.fordeal%22%7D&gw_ver=1&plat=h5&ct=1638486769452&appname=fordeal&sign=2e4eb69cc31957f391f1b3b1babac4d5
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:1591, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
414e62a87b2ea7550350a4092a2ed60f49c6a15faf0d223381c86f3af954ef8b
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
0
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
5
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
horizon-64c68c774d-wffgz
gw-st
1638486769606
cf-ray
6b783e05cc6a0e0e-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.88e8f41686a242969dd674236852d2d2.391.16384867696017796
scevent.min.js
sc-static.net/
18 KB
7 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
52.222.236.61, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-52-222-236-61.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
0cc2be64b24f8ae3f9951a81ce4964ea31e5663f5f739d7f34cf9dbaef8ae2c6

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA56-P4
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
6816
via
1.1 d04699b52d8873377c4b5f4e7dcf7069.cloudfront.net (CloudFront)
x-amz-cf-id
ojJg3qXA8RDMOHMcZ82hQewRkZt_8sSjMZVW7eIACF7pKGXP13vpEg==
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
o1esTUdS1J+zgu/pEO9m0pqeN3SfubXzbUDBgr54gJxWjnKde+xvJQ2yIqfxKBt0zw3VVzKPdCU75iUXU7SuOw==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 02 Dec 2021 23:12:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
93 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-94012617-9
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b716050fac730b20b897cb0009979257c9f202d5820443fb866020cc46acf201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37155
x-xss-protection
0
expires
Thu, 02 Dec 2021 23:12:49 GMT
js
www.googletagmanager.com/gtag/
133 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-927470498
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14a18b1bd804d9e1180cfe5554204a8e9a7531175647a6126c256aa2cba03f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50854
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 21:51:19 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 23:12:49 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-471643095
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2456d3652502f2b37b2e62c31ac1adbd6c910710dbd881f7b82436ac0daa3583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39595
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 21:51:19 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 23:12:49 GMT
branch-latest.min.js
cdn.branch.io/
79 KB
24 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.2/url.js,libs/fd-dwp/1.8.3/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.15/native.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.32.121.111, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-32-121-111.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e

Request headers

Referer
https://act.fordeal.com/
Origin
https://act.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
dPcbo._dc8laXt1CGk.P2lrH66o74Yit
content-encoding
gzip
etag
"49d34b8e058b253d35893807b3bac09d"
age
169
x-cache
Hit from cloudfront
content-length
23872
access-control-allow-origin
*
last-modified
Thu, 14 Oct 2021 16:27:46 GMT
server
AmazonS3
date
Thu, 02 Dec 2021 23:10:01 GMT
vary
Origin
access-control-allow-methods
GET
content-type
text/javascript
via
1.1 ed4565467c6c9847b6a3fcb6cec799e5.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
N_rVm7-qkRpiQUHmOTBQI2tm1hV-7-ocN_93i4Q0L3Z8aOrDCgwBrQ==
1
gw.fordeal.com/gw/dwp.trade-center-api.addressDefaultAddress/
91 B
845 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.trade-center-api.addressDefaultAddress/1?data=&gw_ver=1&plat=h5&ct=1638486769638&appname=fordeal&sign=b44adf2cad1dfe9db0add688a8332189
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:1591, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
dc120957e18b497fe1655ff4561d84ba437cc0f7d430fe6c2993cb0cb0f30895
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
1
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
10
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
trade-center-5774c4f49-zv6b4
gw-st
1638486769704
cf-ray
6b783e065fc23743-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.809eaadf16b94215afc2298db53f8e43.291.16384867696949098
1
gw.fordeal.com/gw/dwp.customerCenter.get_phone/
87 B
876 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.customerCenter.get_phone/1?data=&gw_ver=1&plat=h5&ct=1638486769639&appname=fordeal&sign=21c154fa1368b27427372437bf310432
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:1591, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
06462b9cde8acdb46d6ad810b2cca2aff934fcf1749f2569f342ce3e0a95d063
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
2
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
20
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
customer-center-7c779c44cc-2ljln
gw-st
1638486769701
cf-ray
6b783e065fc83743-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.5044701c4e4c4aeca555d4881fff2fa2.298.16384867696817526
truncated
/
323 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69a066768537ea861b3418084e6bb16e3660938019fd0abcc4adc76db16b8d43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.png
s3.forcloudcdn.com/
176 B
752 B
Image
General
Full URL
https://s3.forcloudcdn.com/favicon.png
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:19c9, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
ae4f0e529fd049ee6c6211d0993b2abb8770feb295069037e6833926b9d2f3ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
cf-cache-status
HIT
age
2855433
cf-polished
origFmt=png, origSize=268
last-modified
Sat, 12 Sep 2020 11:50:02 GMT
content-length
176
content-disposition
inline; filename="favicon.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VFV8K55BQ09XSQCG
x-amz-id-2
leTcXA9PEzM4yf+ZTXeJb+pwFvNPmP6FzE8sRQGY73qfX5YQqtE6QzGbh1cjG64Vq3FBPJNG1YA=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"e8e99d8cec7157963e4717c8480e8516"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=691200
x-amz-version-id
YLQ4VTKqEnhUdDcQfjgd57F.vNJngUTm
accept-ranges
bytes
cf-ray
6b783e06afab5995-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
e0322ace-efdc-43a3-bae5-52f185d43885-530x100.png
s3.forcloudcdn.com/dmc/
19 KB
20 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/e0322ace-efdc-43a3-bae5-52f185d43885-530x100.png
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:19c9, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
617a3c25821bad157e12d9d06319e2993d14d1e409f61d960f37adf95bc0b7b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
cf-cache-status
HIT
x-amz-request-id
04AYE4NNJEH559M5
cf-polished
origFmt=png, origSize=21821
cf-ray
6b783e06afb05995-MXP
last-modified
Fri, 09 Oct 2020 11:48:22 GMT
content-disposition
inline; filename="e0322ace-efdc-43a3-bae5-52f185d43885-530x100.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19380
x-amz-id-2
XE0ZzsgWOGja1mEJYGaQPA1gUSFXR8pj0skH6KpVqMW+fF+0gRyoLVUzYQCepnqdcjf+ABNm8pg=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"f1104dfa35ed25ac0579c99b8de8728a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-version-id
3dG6XqH8FGKQlGc61DozaFMHhFEHtLAq
cache-control
public, max-age=691200
accept-ranges
bytes
content-type
image/webp
expires
Fri, 10 Dec 2021 23:12:49 GMT
87298a32-92e8-4a09-83f8-02cec5248f30-750x540.png
s3.forcloudcdn.com/dmc/
95 KB
96 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/87298a32-92e8-4a09-83f8-02cec5248f30-750x540.png
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:19c9, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
163302f573724c87c485ea647f6a5a4e71fda334cf2047cbe8a5aff31cc5e216

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
cf-cache-status
HIT
x-amz-request-id
XCHK6ZNG3XE2ERZD
cf-polished
origFmt=png, origSize=115209
x-amz-meta-image-lambda-processed
true
x-amz-meta-width
750
x-amz-meta-image-lambda-height
540
x-amz-meta-height
540
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
97448
x-amz-id-2
dkHwr+AsZaGaNpYYVtao+xVj0QZeR13zZHgZo8QIpdX/pVesdQXxBrjdTeyPAwbr4jQA77skg3Q=
x-amz-meta-image-lambda-width
750
last-modified
Thu, 21 Oct 2021 08:23:50 GMT
server
cloudflare
etag
"a2e2e471ac02301bdbbcd3275b17837b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cf-bgj
imgq:100,h2pri
content-disposition
inline; filename="87298a32-92e8-4a09-83f8-02cec5248f30-750x540.webp"
cache-control
public, max-age=691200
x-amz-version-id
1CXU7SWmoBdKcrSan61qUPjLDQ8BBl52
accept-ranges
bytes
cf-ray
6b783e06afb65995-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
fa4972a1-a152-4429-ad8c-d48f1add9265-650x140.png
s3.forcloudcdn.com/dmc/
14 KB
14 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/fa4972a1-a152-4429-ad8c-d48f1add9265-650x140.png
Requested by
Host: s3.forcloudcdn.com
URL: https://s3.forcloudcdn.com/assets/lego/82f8d64f6ce82a8c9007914ad698135e.css
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:19c9, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
3eaa8965c217989b663422ff07c3585538d0f97d384d0d9e84da0432ece95c3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.forcloudcdn.com/assets/lego/82f8d64f6ce82a8c9007914ad698135e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
cf-cache-status
HIT
age
778426
cf-polished
origFmt=png, origSize=15242
last-modified
Wed, 24 Feb 2021 07:15:40 GMT
content-length
14062
content-disposition
inline; filename="fa4972a1-a152-4429-ad8c-d48f1add9265-650x140.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
9F27FNCY4DS02PS0
x-amz-id-2
2bVsfQry1gixzJdVz4ETZf08CvjNkcVPm6pAb1pta+wnYoSf9WnzGoRZCblWei8h2Ahjk3fAzTU=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"125b837de9b221588e1cc17fe73baac9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=691200
x-amz-version-id
9ph.0NOYjgVzvdF368M4hmP4w2rsS98v
accept-ranges
bytes
cf-ray
6b783e06afba5995-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0746983372f1b7e048c04f4b0b56b8f30d7b6240dc366d45ed329044d2c48392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
1
gw.fordeal.com/gw/dwp.common.serverTime/
101 B
805 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.common.serverTime/1?data=&gw_ver=1&plat=h5&ct=1638486769673&appname=fordeal&sign=996185a0998564527dcb17e70a844a0a
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:1591, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
7ce82b542ad728c2fd03f494e8ad8283f332d3fa3fffd4094c6b931d1faafa40
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gw-trace-sampling
0
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1638486769
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
2
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
gw-st
1638486769748
cf-ray
6b783e06b8803743-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.2c4a02bfcd4647198ba2846b3d5bb4f3.330.16384867697469154
e9b399e6-34e9-4e89-8d21-4d569e72e182-260x260.png
s3.forcloudcdn.com/dmc/
10 KB
11 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/e9b399e6-34e9-4e89-8d21-4d569e72e182-260x260.png
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:19c9, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
1384f0feb5da73d87dbd4721f12123fa69d38ea3087b3442c01ebc587ccab829

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
cf-cache-status
HIT
age
314807
cf-polished
origFmt=png, origSize=13370
x-amz-meta-image-lambda-processed
true
x-amz-meta-width
260
x-amz-meta-image-lambda-height
260
x-amz-meta-height
260
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
5JHWEGHYVS248NQN
x-amz-id-2
aBDoA9uzHqtZf2qfN7o/zuOz6pobXtKycl5YagkxarLTKK56ffBkACpezkLbjr6rQRUMnP09LQA=
accept-ranges
bytes
x-amz-meta-image-lambda-width
260
last-modified
Thu, 21 Oct 2021 08:23:08 GMT
server
cloudflare
etag
"e4b3dd7c59f3b8279d1232f6ee66ff43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cf-bgj
imgq:100,h2pri
content-disposition
inline; filename="e9b399e6-34e9-4e89-8d21-4d569e72e182-260x260.webp"
cache-control
public, max-age=691200
x-amz-version-id
T.DyUTAq4_wTtgtiV24zv8gFuT656tmA
content-length
10728
cf-ray
6b783e06cfff5995-MXP
expires
Fri, 10 Dec 2021 23:12:49 GMT
_r
app.link/
90 B
576 B
Script
General
Full URL
https://app.link/_r?sdk=web2.59.0&branch_key=key_live_pgNaS6ti52mXzBeOV4FlAkfhEBfccw5b&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2156:ae00:19:9934:6a80:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
openresty / Express
Resource Hash
59d393207e954b1677e96197a3aac2aba2f04adb8450e6a7ff5db39775f3f762
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
90
etag
W/"5a-cagnYTemiy6XUlMOd2dPvS/GpY8"
x-amz-cf-id
nxHRFHkpaXz95YDMEOBBeh-kyWpo3uYYsXxdxzScvhSJPB8sX9MBDw==
js
www.googletagmanager.com/gtag/
90 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-94012617-9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-471643095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e2f951e894d67b49b1bedae549d1aa50c59f97b004f6cc37978aaf1661e8f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36153
x-xss-protection
0
expires
Thu, 02 Dec 2021 23:12:49 GMT
js
www.googletagmanager.com/gtag/
133 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-471643095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d711fe5cb3c889f8b2562a3e1a7991db7f65cc4406edff7eaea2d04239cbc22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50857
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 21:51:19 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 23:12:49 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
702
date
Thu, 02 Dec 2021 23:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Dec 2021 01:01:07 GMT
js
www.googletagmanager.com/gtag/
164 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8XPR1T5L4G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-471643095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44da90fe08b2d35ab1632c09f1bdd51863585fe6f1a64301319dc23871282c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61963
x-xss-protection
0
expires
Thu, 02 Dec 2021 23:12:49 GMT
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
EKLOKaepNP+ChXC+yhJFU+RFMyBFyd9NrtjtbzLrrn1KVZM+1/NkemAMjj+0Lv336lbFc/3VkRgulDJjuG5D6A==
x-frame-options
DENY
date
Thu, 02 Dec 2021 23:12:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1232841863581518
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1232841863581518?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c41644ce7bca99d35c4e799040eec6a13090d15569987709d80d67843779cb08
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88975
x-xss-protection
0
pragma
public
x-fb-debug
gmqeYuP6kagKF9lQZv30BU5x5EkWv96DW3NkhuA6UHKgdP9xgHCtGZk8iVm/CoWOeCdsoOs5KtGwlxVTACUTEg==
x-frame-options
DENY
date
Thu, 02 Dec 2021 23:12:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
is_enabled
tr.snapchat.com/collector/
46 B
313 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
0bf68c3348fe69b024affcf0eebdd91004cb9579662a2fee1f90efcb3c1054d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
i
tr.snapchat.com/cm/ Frame 3FE6
0
241 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=594717e0-8d76-4661-ba73-cab202295bb0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-927470498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 02 Dec 2021 23:12:49 GMT
is_enabled
tr.snapchat.com/collector/
91 B
154 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
c6e6ade6a4728bb70f091208a69710d5ce875c6d39df5b3ef9f0b405b9e9ff0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
is_enabled
tr.snapchat.com/collector/
136 B
200 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
f9b56c650d05891e1216b24748f9f07978d5177f7b626d6ef6bc19c9a7a54353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
is_enabled
tr.snapchat.com/collector/
181 B
197 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367,9889914a-7c82-4462-b68d-4ab531dd403a
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
3bb282e265ba1124d8ff29492d316aa52d3ace824d629289e33cccd7b1d51d8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181
is_enabled
tr.snapchat.com/collector/
226 B
242 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367,9889914a-7c82-4462-b68d-4ab531dd403a,cca3a11e-b071-4807-9602-27d510c675ab
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
926f740acad33d7161731065501dcf5b7874c1c4ab8ed081ee222003aff57234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
is_enabled
tr.snapchat.com/collector/
271 B
287 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367,9889914a-7c82-4462-b68d-4ab531dd403a,cca3a11e-b071-4807-9602-27d510c675ab,e24e49fa-a328-4393-bbbd-cec27aa3a0e8
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e772491a550417e72ca2f4be3c94d8219373b9301b5eda7ab9b8563b043c8e0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
271
is_enabled
tr.snapchat.com/collector/
316 B
332 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367,9889914a-7c82-4462-b68d-4ab531dd403a,cca3a11e-b071-4807-9602-27d510c675ab,e24e49fa-a328-4393-bbbd-cec27aa3a0e8,7b788377-6729-412c-8e87-57229a56f180
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
bdf9ff924ae5194f58aab7d94f6a0355bfa5c5b10b1a0790bc34237f73d6c0bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
is_enabled
tr.snapchat.com/collector/
361 B
377 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367,9889914a-7c82-4462-b68d-4ab531dd403a,cca3a11e-b071-4807-9602-27d510c675ab,e24e49fa-a328-4393-bbbd-cec27aa3a0e8,7b788377-6729-412c-8e87-57229a56f180,8279ff71-f5d3-403d-8bf7-903a8be33712
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
c29cf521dfc607f2d59b8db3778ea02bb9572abd8d2d16676c2a6c701a844979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
361
is_enabled
tr.snapchat.com/collector/
406 B
422 B
Fetch
General
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=594717e0-8d76-4661-ba73-cab202295bb0,ec43f182-e218-4b02-9ea4-83862ed5207d,07659404-b2dd-47fe-9ab1-9bfda0f87367,9889914a-7c82-4462-b68d-4ab531dd403a,cca3a11e-b071-4807-9602-27d510c675ab,e24e49fa-a328-4393-bbbd-cec27aa3a0e8,7b788377-6729-412c-8e87-57229a56f180,8279ff71-f5d3-403d-8bf7-903a8be33712,4401b868-544e-49f0-b7ce-f694a30f8434
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
9cc3cebf796d283d2839f3ddce923b84d575ef0764b3399a08b5ff48fe7030e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
406
p
tr.snapchat.com/ Frame AB99
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 437F
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame C043
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 5801
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 069B
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame DBC9
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 306A
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame BE00
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 98B8
0
15 B
Document
General
Full URL
https://tr.snapchat.com/p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/

Response headers

server
nginx/1.17.3
date
Thu, 02 Dec 2021 23:12:49 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2108947239&t=pageview&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&dr=https%3A%2F%2Ff0r.co%2F&ul=en-us&de=UTF-8&dt=iPhone13%20free%20for%20you&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=566440677&gjid=570084859&cid=1307247240.1638486770&tid=UA-94012617-9&_gid=610470392.1638486770&_r=1&gtm=2ouc10&z=1948962051
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&rl=https%3A%2F%2Ff0r.co%2F&if=false&ts=1638486769899&cd[content_type]=product&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638486769898.854442909&it=1638486769746&coo=false&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 02 Dec 2021 23:12:49 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/?random=1638486769905&cv=9&fst=1638486769905&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fcacef9e601174001ccab7673b3169e3ac654d0a2d9c8759295bc0b6f68042c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/?random=1638486769907&cv=9&fst=1638486769907&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8a4cbd76bc9066c91f506ad87eacd9d00ed7862da984d0f64f02fc922498a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/471643095/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471643095/?random=1638486769909&cv=9&fst=1638486769909&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
843db56fcacf154107e86e121c08fff555ddb39b64b3aca5a06fbeb5e89bfc68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8XPR1T5L4G&gtm=2oec10&_p=2108947239&sr=1600x1200&ul=en-us&cid=1307247240.1638486770&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&dr=https%3A%2F%2Ff0r.co%2F&dt=iPhone13%20free%20for%20you&sid=1638486769&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8XPR1T5L4G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-94012617-9&cid=1307247240.1638486770&jid=566440677&gjid=570084859&_gid=610470392.1638486770&_u=YEBAAUAAAAAAAC~&z=1136318854
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 02 Dec 2021 23:12:50 GMT
content-type
text/plain
access-control-allow-origin
https://act.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
open
api2.branch.io/v1/
264 B
588 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
72b5910d9326f2c507272ffea56a4baf0b9439293565cd87be3449ada7c6ad5d

Request headers

Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Dec 2021 23:12:50 GMT
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
9e57c009fc2245018f6543c1342a8614-2021120223
content-length
264
x-amz-cf-id
cGjgsJcHpBjANSMuZDfEyHgJJvJ6qnXc5_vAIjG9T-ILnMBlISlWRQ==
/
www.google.com/pagead/1p-user-list/927470498/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/927470498/?random=1638486769907&cv=9&fst=1638486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&async=1&fmt=3&is_vtc=1&random=374648420&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/927470498/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/927470498/?random=1638486769907&cv=9&fst=1638486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&async=1&fmt=3&is_vtc=1&random=374648420&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/471643095/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/471643095/?random=1638486769909&cv=9&fst=1638486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&async=1&fmt=3&is_vtc=1&random=1703790831&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/471643095/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/471643095/?random=1638486769909&cv=9&fst=1638486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&async=1&fmt=3&is_vtc=1&random=1703790831&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/927470498/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/927470498/?random=1638486769905&cv=9&fst=1638486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&async=1&fmt=3&is_vtc=1&random=825158643&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/927470498/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/927470498/?random=1638486769905&cv=9&fst=1638486000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&ref=https%3A%2F%2Ff0r.co%2F&tiba=iPhone13%20free%20for%20you&async=1&fmt=3&is_vtc=1&random=825158643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-94012617-9&cid=1307247240.1638486770&jid=566440677&_u=YEBAAUAAAAAAAC~&z=75465164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-94012617-9&cid=1307247240.1638486770&jid=566440677&_u=YEBAAUAAAAAAAC~&z=75465164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 23:12:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
custom
api2.branch.io/v2/event/
2 B
316 B
XHR
General
Full URL
https://api2.branch.io/v2/event/custom
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Dec 2021 23:12:50 GMT
x-branch-event-extra
{}
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-branch-request-id
ccc79ce202ea4da6b16a4ad35750baee-2021120223
content-length
2
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-amz-cf-id
v9GoS8LnXH9muI0fPvEB3pMpGA7ceAMkMvERu-wFe293mDKxjKYPXw==
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=Microdata&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3D5F69XAaXJGGtkzpHC7FmBxhzzUB0Q2fNTdDwG%252FPefClvampYNMkhHw%253D%253D%26act_promotion_short_url%3D116522%26act_share_lan%3Den%26act_share_region%3DQA%26act_promotion_appid%3D0%26lan%3Den%26cur%3DQAR%26luckyNumber%3D2952%26bgColor%3D%25236e8ef5%26navigation%3Dnone&rl=https%3A%2F%2Ff0r.co%2F&if=false&ts=1638486770402&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iPhone13%20free%20for%20you%22%2C%22meta%3Adescription%22%3A%22iPhone%2013%20free%20for%20you%22%2C%22meta%3Akeywords%22%3A%22iPhone%2013%20free%20for%20you%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22iPhone%2013%20free%20for%20you%22%2C%22og%3Adescription%22%3A%22iPhone%2013%20free%20for%20you%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.forcloudcdn.com%2Fdmc%2F666bbb9b-c3e2-48a1-8ce7-0d9a0db7cd18-750x600.png%22%2C%22og%3Asite_name%22%3A%22Fordeal%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638486769898.854442909&it=1638486769746&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 23:12:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 02 Dec 2021 23:12:50 GMT
pageview
api2.branch.io/v1/
28 B
388 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4c00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 02 Dec 2021 23:12:50 GMT
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
93fe6ae705244a579011f893ccd82388-2021120223
content-length
28
x-amz-cf-id
b07ntNJhZ5ieMLNnSTXw-qtLvrhkUrbPvtW_RnUq3VdJn2Y01OHYdA==
dotMets
client-metrics.fordeal.com/api/ Frame
0
0
Preflight
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://act.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 02 Dec 2021 23:12:50 GMT
access-control-allow-origin
https://act.fordeal.com
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b783e0b995d3751-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dotMets
client-metrics.fordeal.com/api/
32 B
488 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Dec 2021 23:12:50 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-allow-credentials
true
cf-ray
6b783e0bfaa83743-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
dotData
dot.fordeal.com/api/
32 B
488 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotData
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 02 Dec 2021 23:12:51 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-allow-credentials
true
cf-ray
6b783e11adc63743-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s3.forcloudcdn.com
URL
https://s3.forcloudcdn.com/dmc/37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| FD_ERROR_QUE string| F_PLAT object| F_CONFIG object| lib number| rem number| dpr function| Vue object| Vuex function| axios function| Cookies object| F function| EventEmitter object| webpackJsonp object| Mipha function| snaptr function| fbq function| _fbq object| dataLayer function| gtag object| branch boolean| triedToSendCookieToNative object| WebJSBridge object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady

20 Cookies

Domain/Path Name / Value
.fordeal.com/ Name: gw-did
Value: web_7c4a22d7bfea478b9827c90c51004503
.fordeal.com/ Name: FORDEAL_ORIGIN_F
Value: p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1
.fordeal.com/ Name: cur
Value: EUR
.fordeal.com/ Name: system
Value: h5
.fordeal.com/ Name: has_uuid
Value: true
.fordeal.com/ Name: timezone
Value: +3
.fordeal.com/ Name: lan
Value: en
.fordeal.com/ Name: region
Value: DE
.fordeal.com/ Name: uuid
Value: web_h5_7005870a290649429b7e41c28c7e9d53
.fordeal.com/ Name: _gcl_au
Value: 1.1.1667961269.1638486770
.fordeal.com/ Name: _scid
Value: 76996a87-a3c6-4b0b-a52e-37c8e0e5725f
.fordeal.com/ Name: _gid
Value: GA1.2.610470392.1638486770
.fordeal.com/ Name: _gat_gtag_UA_94012617_9
Value: 1
.fordeal.com/ Name: _fbp
Value: fb.1.1638486769898.854442909
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIMMM5zlGiV3C8bVJAPFnNS4sF2C5e85PHFYWkugehEBez/QOs5cD3MgAAAA==
.facebook.com/ Name: fr
Value: 0BdQUIBPVjobi66Kf..BhqVLx...1.0.BhqVLx.
.fordeal.com/ Name: _ga
Value: GA1.1.1307247240.1638486770
.app.link/ Name: _s
Value: COzQXDYH%2BCIdDk%2BxCEkPE7ILC08yJOsZX00lV2Bo29C%2FtePcSBIf7EG2Mk3dJ1TJ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fordeal.com/ Name: _ga_8XPR1T5L4G
Value: GS1.1.1638486769.1.0.1638486770.0

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
