Submitted URL: http://f0r.co/jK6g
Effective URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1....
Submission: On May 15 via api from US

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 58 HTTP transactions. The main IP is 2606:4700::6812:1491, located in United States and belongs to CLOUDFLARENET, US. The main domain is act.fordeal.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 11th 2019. Valid for: a year.
This is the only time act.fordeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.154.129.93 16509 (AMAZON-02)
2 34.255.141.85 16509 (AMAZON-02)
1 54.230.183.52 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.182.104 16509 (AMAZON-02)
1 151.101.112.157 54113 (FASTLY)
1 172.217.22.66 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:201... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2600:9000:201... 16509 (AMAZON-02)
1 104.244.42.131 13414 (TWITTER)
2 35.186.226.184 15169 (GOOGLE)
58 23
Domain Requested by
10 s3.forcloudcdn.com f0r.co
act.fordeal.com
6 gw.fordeal.com s4.forcloudcdn.com
5 s4.forcloudcdn.com act.fordeal.com
4 www.facebook.com act.fordeal.com
4 www.googletagmanager.com s4.forcloudcdn.com
www.googletagmanager.com
3 connect.facebook.net s4.forcloudcdn.com
connect.facebook.net
2 client-metrics.fordeal.com s4.forcloudcdn.com
2 tr.snapchat.com sc-static.net
2 api2.branch.io cdn.branch.io
2 www.google.de act.fordeal.com
2 analytics.google.com www.googletagmanager.com
2 dot-hub-x.fordeal.com s4.forcloudcdn.com
2 dot.fordeal.com s4.forcloudcdn.com
1 analytics.twitter.com static.ads-twitter.com
1 www.google.com act.fordeal.com
1 app.link cdn.branch.io
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 t.co act.fordeal.com
1 www.googleadservices.com www.googletagmanager.com
1 static.ads-twitter.com s4.forcloudcdn.com
1 cdn.branch.io s4.forcloudcdn.com
1 sc-static.net s4.forcloudcdn.com
1 act.fordeal.com f0r.co
1 f0r.co
58 25

This site contains no links.

Subject Issuer Validity Valid
fordeal.com
CloudFlare Inc ECC CA-2
2019-09-11 -
2020-09-10
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-10-16 -
2020-10-09
a year crt.sh
*.fordeal.com
Amazon
2019-06-25 -
2020-07-25
a year crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA
2019-03-11 -
2021-03-15
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-04-15 -
2020-07-14
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-04-15 -
2020-07-08
3 months crt.sh
*.branch.io
DigiCert SHA2 Secure Server CA
2018-12-05 -
2020-12-08
2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2019-08-14 -
2020-08-18
a year crt.sh
www.googleadservices.com
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
*.google.com
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-04-15 -
2020-07-08
3 months crt.sh
www.google.de
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
appipv4.link
Amazon
2019-08-19 -
2020-09-19
a year crt.sh
www.google.com
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA
2019-02-19 -
2021-02-23
2 years crt.sh

This page contains 3 frames:

Primary Page: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Frame ID: F19D7CCC9911FFBAD7CF153B2FFE0890
Requests: 56 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=765c7dbd-7208-491e-869b-293ae96b9453
Frame ID: 822B2B7F54C7BD2E6A89C686AC483FF0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 41D6E482997DB90DE0F960502DCCCD13
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://f0r.co/jK6g Page URL
  2. https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i

Page Statistics

58
Requests

97 %
HTTPS

61 %
IPv6

17
Domains

25
Subdomains

23
IPs

4
Countries

992 kB
Transfer

2444 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://f0r.co/jK6g Page URL
  2. https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set jK6g
f0r.co/
3 KB
2 KB
Document
General
Full URL
http://f0r.co/jK6g
Protocol
HTTP/1.1
Server
2606:4700:3033::681b:a440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f30717321c84679347ac1f33c9f1fad2733e33c1e20c6d04aec7a1185b93e7

Request headers

Host
f0r.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:35:39 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da5deace127028f25274545162968455c1589553339; expires=Sun, 14-Jun-20 14:35:39 GMT; path=/; domain=.f0r.co; HttpOnly; SameSite=Lax short_url_uuid=short_url9ef60479-0cda-4c39-b157-2ddac993c2ee
Refresh
2;url=https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Content-Language
en-US
Front-End-Https
on
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
593d9633ae7105f5-FRA
Content-Encoding
gzip
cf-request-id
02ba5c344a000005f5e3153200000001
Primary Request share_wincode4
act.fordeal.com/act/
9 KB
9 KB
Document
General
Full URL
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Requested by
Host: f0r.co
URL: http://f0r.co/jK6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92936571082c4c9eaf6dfa3880dc8eebb7e9a1db216bd7feda21f283902d5c59

Request headers

:method
GET
:authority
act.fordeal.com
:scheme
https
:path
/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://f0r.co/jK6g
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://f0r.co/jK6g

Response headers

status
200
date
Fri, 15 May 2020 14:35:40 GMT
set-cookie
__cfduid=dd549e928ebbcd674eb7f3cfc293048731589553340; expires=Sun, 14-Jun-20 14:35:40 GMT; path=/; domain=.fordeal.com; HttpOnly; SameSite=Lax; Secure
front-end-https
on
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
593d96389c1c6461-FRA
cf-request-id
02ba5c375f00006461dfbf0200000001
37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif
s3.forcloudcdn.com/dmc/
22 KB
22 KB
Image
General
Full URL
http://s3.forcloudcdn.com/dmc/37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif
Requested by
Host: f0r.co
URL: http://f0r.co/jK6g
Protocol
HTTP/1.1
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://f0r.co/jK6g
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:35:39 GMT
CF-Cache-Status
HIT
Age
2982
Cf-Polished
status=not_needed
CF-RAY
593d9635f8b1d6b9-FRA
Connection
keep-alive
Content-Length
22117
x-amz-id-2
eayqLw6+nsDvfYh2lvddhIhKGGo6b9r/zOpwz9p8kEAk0053cC5n6DduxOsftE+OQvc1Bhvgbvc=
Last-Modified
Fri, 06 Dec 2019 07:52:56 GMT
Server
cloudflare
ETag
"62dd0f63cae4843fc18ab7564786bc64"
Vary
Accept-Encoding
x-amz-request-id
8DDE34F249FAD1E4
Expires
Sat, 16 May 2020 14:35:39 GMT
Cache-Control
public, max-age=86400
x-amz-version-id
FtEke91YknnGoXGULXLtEtsHvwDQOhhv
cf-request-id
02ba5c35b80000d6b93bbdf200000001
Accept-Ranges
bytes
Content-Type
image/gif
Cf-Bgj
imgq:100
index.css
s4.forcloudcdn.com/-/libs/fd-base-style/1.2.1/base.css,libs/fd-lego-base/1.2.3/
22 KB
12 KB
Stylesheet
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-base-style/1.2.1/base.css,libs/fd-lego-base/1.2.3/index.css
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39254bbdb549566c3cf9afc576a91757e378655a7ed041bc17f211b06a83d4f7

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
HIT
age
5726444
cf-polished
origSize=22630
x-cache-status
MISS
status
200
cf-request-id
02ba5c3aed000005e9fabab200000001
last-modified
Tue, 10 Mar 2020 06:09:16 GMT
server
cloudflare
etag
W/"5866-B78fQ6KDXuWmlRVFQqGe2LFFvYs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
expires
Sat, 15 May 2021 14:35:41 GMT
cache-control
public, max-age=31536000
x-server
aws-ir_front_cdnsrc-003022
cf-ray
593d963e4eee05e9-FRA
cf-bgj
minify
713a06a15c7a0ac730622f125eff9818.css
s3.forcloudcdn.com/assets/lego/
36 KB
6 KB
Stylesheet
General
Full URL
https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.css
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d625a7d417c0a9c570fc78a02ec4a6ccbaf3deee0de64e559d23ec3c0a5f96

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:40 GMT
content-encoding
br
cf-cache-status
HIT
age
6224
cf-polished
origSize=37385
status
200
last-modified
Thu, 09 Apr 2020 10:40:15 GMT
x-amz-request-id
2BDD7BE0090F5A1C
x-amz-id-2
eihJguvYbrFdrMP0XhfrGoIIilyl8iDRLpH7/VPI0wvQLh6jdH90OsPGXPKBoRufL7b8lk/Zsmc=
cf-bgj
minify
server
cloudflare
etag
W/"3ff97c226f9c0bae4448d31e6fa516e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
x-amz-version-id
u_DZ6xpuFvuf.3CSetiZfXxnXVcyWCbZ
cf-request-id
02ba5c37e800000eb36f8da200000001
cf-ray
593d9639796b0eb3-FRA
expires
Sat, 16 May 2020 14:35:40 GMT
f6ca61e4-d100-4a28-80b4-6df4eb9890c0-220x220.png
s3.forcloudcdn.com/dmc/
3 KB
4 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/f6ca61e4-d100-4a28-80b4-6df4eb9890c0-220x220.png
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5a7c4b24455e89cbeb544b979a58ad393b52e398108243b4bb912cdac06966

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:40 GMT
cf-cache-status
HIT
age
323
cf-polished
origFmt=png, origSize=4100
status
200
content-length
3318
content-disposition
inline; filename="f6ca61e4-d100-4a28-80b4-6df4eb9890c0-220x220.webp"
x-amz-request-id
B1F208D8F6AABE6C
x-amz-id-2
IG1eStTN5ReFrppKWkWHxDVb1+kABB5v7EMQt/EwvEIiOQE8kwOPCCzEPCVJDeUTzLxyLhpSYck=
last-modified
Mon, 23 Mar 2020 03:59:26 GMT
server
cloudflare
etag
"d7880f822f5a7eb6661e1256811c6de8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 16 May 2020 14:35:40 GMT
cache-control
public, max-age=86400
x-amz-version-id
NlTOxPosdGgghqQn7t03MTgJiQKxyYVt
cf-request-id
02ba5c37e900000eb36f8dc200000001
accept-ranges
bytes
cf-ray
593d963979710eb3-FRA
cf-bgj
imgq:100,h2pri
js.cookie.js
s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/
79 KB
27 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae2da0e95fb2c36a7bfc05c04cac11298d76720b98e67d84519d915cd56dbe82

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
HIT
age
17134687
cf-polished
origSize=81621
x-cache-status
MISS
status
200
cf-request-id
02ba5c3aed000005e9fabac200000001
last-modified
Fri, 30 Aug 2019 02:21:01 GMT
server
cloudflare
etag
W/"13ed5-5h2nPdk4CmU5f8qYqWstdQ7INcI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
expires
Sat, 15 May 2021 14:35:41 GMT
cache-control
public, max-age=31536000
x-server
cdnsrc-1
cf-ray
593d963e4ef105e9-FRA
cf-bgj
minify
base.js
s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.0.4/f.js,libs/fd-image/1.3.3/image.js,libs/fd-base/1.2.2/
41 KB
13 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.0.4/f.js,libs/fd-image/1.3.3/image.js,libs/fd-base/1.2.2/base.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44060c7470a2086818fdd3deb66ce23ef3c8452adfcf57ae7fc8224339cad48c

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
HIT
age
4191642
cf-polished
origSize=41609
x-cache-status
MISS
status
200
cf-request-id
02ba5c3aed000005e9fabad200000001
last-modified
Fri, 27 Mar 2020 08:16:46 GMT
server
cloudflare
etag
W/"a289-1fv8RPOqGvwBIMntXAYcI9QgSsA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
expires
Sat, 15 May 2021 14:35:41 GMT
cache-control
public, max-age=31536000
x-server
aws-ir_front_cdnsrc-003022
cf-ray
593d963e4ef305e9-FRA
cf-bgj
minify
promotion.js
s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,l...
88 KB
26 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da91137e71ed2a29f6a77330b14418934ea8a6b284339fdbff16dd7e79d7379

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
HIT
age
3739519
cf-polished
origSize=90244
x-cache-status
MISS
status
200
cf-request-id
02ba5c3aed000005e9fabae200000001
last-modified
Wed, 01 Apr 2020 13:47:04 GMT
server
cloudflare
etag
W/"16084-N/m5/9Ry2m87oEavSGuK9rtvZrs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
expires
Sat, 15 May 2021 14:35:41 GMT
cache-control
public, max-age=31536000
x-server
aws-ir_front_cdnsrc-004056
cf-ray
593d963e4ef505e9-FRA
cf-bgj
minify
native-external.js
s4.forcloudcdn.com/-/libs/fd-mipha-core/2.1.0/app.js,libs/fd-lego-base/1.2.3/index.js,libs/fd-native-app/1.2.4/
19 KB
6 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-mipha-core/2.1.0/app.js,libs/fd-lego-base/1.2.3/index.js,libs/fd-native-app/1.2.4/native-external.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297b94373ac9dee66c90ed0e96dea8e3bfcf8088843261fd36605347224a1e88

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
HIT
age
3737551
cf-polished
origSize=19778
x-cache-status
HIT
status
200
cf-request-id
02ba5c3aed000005e9fabaf200000001
last-modified
Fri, 27 Mar 2020 04:06:06 GMT
server
cloudflare
etag
W/"4d42-LcHtJJRTGwlUw0Ia83gKLP/Q2Ss"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
expires
Sat, 15 May 2021 14:35:41 GMT
cache-control
public, max-age=31536000
x-server
aws-ir_front_cdnsrc-004056
cf-ray
593d963e4ef805e9-FRA
cf-bgj
minify
713a06a15c7a0ac730622f125eff9818.js
s3.forcloudcdn.com/assets/lego/
111 KB
30 KB
Script
General
Full URL
https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.js
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e897daa4dc1db36ea23f55c3af196ca430840107004c55cb2a4fb2159710e94d

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:40 GMT
content-encoding
br
cf-cache-status
HIT
age
6224
status
200
last-modified
Thu, 09 Apr 2020 10:40:15 GMT
x-amz-request-id
2B868599AFC2B21D
x-amz-id-2
vHnqaE+XZjoLdkKlYGARP4huHP5TXqO2LtfwZstzUj1HiuEkx0NUsnpUEtADwLJVE9N2zBcg1ig=
cf-bgj
minify
server
cloudflare
etag
W/"262e0353fce29c9d9f078b983a5dd11d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-version-id
0xaHsJqTcTFppxqCYAcHXGel6FnSixRV
cf-request-id
02ba5c37e900000eb36f8db200000001
cf-ray
593d9639796f0eb3-FRA
expires
Sat, 16 May 2020 14:35:40 GMT
0494458a-b9d8-4055-b995-180a0893e11b-750x1150.jpg
s3.forcloudcdn.com/dmc/
54 KB
55 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/0494458a-b9d8-4055-b995-180a0893e11b-750x1150.jpg
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69baf2de80f927ca910d403b24e47521de784b1dd185b5e87d21b7a8f0775e9

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
cf-cache-status
HIT
age
81
cf-polished
status=not_needed
cf-ray
593d963e78580eb3-FRA
status
200
last-modified
Thu, 19 Mar 2020 03:07:55 GMT
content-length
55345
x-amz-id-2
nbz7iJXP42GbjiWXa9hocU/8SC22FgGldJxY6/Z7TUCEVdbzQVHL+87jNf/nJFhvcWpZkdu7CDA=
cf-bgj
imgq:100
server
cloudflare
etag
"db32d059308cc734db390d4f4db60029"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
C3E8093F90DE2AC2
cache-control
public, max-age=86400
x-amz-version-id
Zy3vh7xRXjAGUPOvJX9O9Uqx53HqBXyy
cf-request-id
02ba5c3b0c00000eb36f91b200000001
accept-ranges
bytes
content-type
image/jpeg
expires
Sat, 16 May 2020 14:35:41 GMT
aeb492a3-0e96-4855-93e6-f2bc002e62fa-40x40.png
s3.forcloudcdn.com/dmc/
2 KB
2 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/aeb492a3-0e96-4855-93e6-f2bc002e62fa-40x40.png
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24fb81993af311d91f57d23c0873fd8e583b5dcb0c52cba6f309d927f3ab7210

Request headers

Referer
https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
cf-cache-status
HIT
age
1192
cf-polished
origFmt=png, origSize=1871
status
200
content-length
1594
content-disposition
inline; filename="aeb492a3-0e96-4855-93e6-f2bc002e62fa-40x40.webp"
x-amz-request-id
4745F307439EA6E1
x-amz-id-2
sVqdS+cFBP9l3iZI72Yid89e0/35rZnnkdAKoxaMvn0woxuzV+zAtqk7jRc3uXCKmPiCiRBFBrU=
last-modified
Thu, 19 Mar 2020 07:22:52 GMT
server
cloudflare
etag
"f7b2ea46bdf09686d76d05ad1cc8649a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 16 May 2020 14:35:41 GMT
cache-control
public, max-age=86400
x-amz-version-id
dBrpwZ6UeT7gcfEnsodkF.nHZNwzX9BL
cf-request-id
02ba5c3b0e00000eb36f91c200000001
accept-ranges
bytes
cf-ray
593d963e78640eb3-FRA
cf-bgj
imgq:100,h2pri
d776de8d-0690-401f-9603-9d3196df2c99-600x97.gif
s3.forcloudcdn.com/dmc/
287 KB
288 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/d776de8d-0690-401f-9603-9d3196df2c99-600x97.gif
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be62cb8b620c2c4ca4c58f9937bc86abb96672036df251bc67627451497d1ca

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
cf-cache-status
HIT
age
4350
cf-polished
origFmt=gif, origSize=417390
status
200
content-length
293970
content-disposition
inline; filename="d776de8d-0690-401f-9603-9d3196df2c99-600x97.webp"
x-amz-request-id
50D8D2B940AF3BD6
x-amz-id-2
U0sfHQpaXWUm142Qnf2UYhB8Kdl76h6zJt23S0aahTr2BVnZL+hgDK+u8C5Hs54bdohzoeKzfbc=
last-modified
Thu, 19 Mar 2020 07:03:10 GMT
server
cloudflare
etag
"218151b4c714a652d8f738ee7512db56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 16 May 2020 14:35:41 GMT
cache-control
public, max-age=86400
x-amz-version-id
JN9nayAfXytD2KPVE4ke8iC4qtFJAF6e
cf-request-id
02ba5c3b0e00000eb36f91d200000001
accept-ranges
bytes
cf-ray
593d963e786e0eb3-FRA
cf-bgj
imgq:100,h2pri
ac840201-65dc-4c06-b65c-0537d819c28e-40x40.png
s3.forcloudcdn.com/dmc/
596 B
1 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/ac840201-65dc-4c06-b65c-0537d819c28e-40x40.png
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca583f6c15627e3c3df8b7b74047926a40e8aa90116a7adb391d3a747b25d776

Request headers

Referer
https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
cf-cache-status
HIT
age
4617
cf-polished
origFmt=png, origSize=1023
status
200
content-length
596
content-disposition
inline; filename="ac840201-65dc-4c06-b65c-0537d819c28e-40x40.webp"
x-amz-request-id
F1E5A23F96EBBE1D
x-amz-id-2
D9KQ4VHkWD87Wt5IAqmCK50cyZo8VLqYTCWjnvdM3xdUVJtYEAX26ofvOikfoaafkpTe6WK/Px4=
last-modified
Mon, 23 Mar 2020 04:14:44 GMT
server
cloudflare
etag
"7d10d8b58b71942d3f5660112ed6c6e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 16 May 2020 14:35:41 GMT
cache-control
public, max-age=86400
x-amz-version-id
DcCFrkoxjiP2EAwKTZJsWSNMKQ19xEfp
cf-request-id
02ba5c3b0e00000eb36f91e200000001
accept-ranges
bytes
cf-ray
593d963e78730eb3-FRA
cf-bgj
imgq:100,h2pri
92e4ec52-e000-4b46-9416-f48c17e43f30-430x45.png
s3.forcloudcdn.com/dmc/
2 KB
3 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/92e4ec52-e000-4b46-9416-f48c17e43f30-430x45.png
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b005ccf607fc29baf092de5670829415e808905fa0291433ee64221bb327c6

Request headers

Referer
https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
cf-cache-status
HIT
age
5732
cf-polished
origFmt=png, origSize=3198
status
200
content-length
2402
content-disposition
inline; filename="92e4ec52-e000-4b46-9416-f48c17e43f30-430x45.webp"
x-amz-request-id
3C15DF6661206086
x-amz-id-2
42UuaQrVRX9aZRpYAvYpPsjr4o0QyAQNpJk9B3sFjOm7zkHTMwiK4MX8ok64Ne5JjezK5jlOZyE=
last-modified
Mon, 23 Mar 2020 07:22:11 GMT
server
cloudflare
etag
"6c2ea05ea7cad3139b63882382a435b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 16 May 2020 14:35:41 GMT
cache-control
public, max-age=86400
x-amz-version-id
VTZ9vXh3UWA4NcXqeeSBmoegn3hk_1ko
cf-request-id
02ba5c3b0e00000eb36f91f200000001
accept-ranges
bytes
cf-ray
593d963e78790eb3-FRA
cf-bgj
imgq:100,h2pri
a03bf9fe-af18-464e-9c55-c0e8f878bfad-277x71.png
s3.forcloudcdn.com/dmc/
2 KB
2 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/a03bf9fe-af18-464e-9c55-c0e8f878bfad-277x71.png
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4e2d04430caea4ab165db3ca76083ca88f76355e5108887fc64ae13601b1a3

Request headers

Referer
https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
cf-cache-status
HIT
age
5827
cf-polished
origFmt=png, origSize=2210
status
200
content-length
1798
content-disposition
inline; filename="a03bf9fe-af18-464e-9c55-c0e8f878bfad-277x71.webp"
x-amz-request-id
8A9407356AA29C26
x-amz-id-2
pL5yBVskIdBg1BtyMzuuMtqxtjHTnnKkFBn924KE+GeRlTVurD2J24vbp2WFm2WdmHyolrE8RN8=
last-modified
Mon, 10 Feb 2020 07:23:39 GMT
server
cloudflare
etag
"67ece97851dbbf44be431bd34c449b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 16 May 2020 14:35:41 GMT
cache-control
public, max-age=86400
x-amz-version-id
7IJJ9KmAYpwRvnIOZKfmpaLPyM8NI4gd
cf-request-id
02ba5c3b0e00000eb36f920200000001
accept-ranges
bytes
cf-ray
593d963e787f0eb3-FRA
cf-bgj
imgq:100,h2pri
dotRecord
dot.fordeal.com/api/
32 B
414 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotRecord
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.129.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-129-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
status
200
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
1
gw.fordeal.com/gw/dwp.carnival.actInfo/
427 B
475 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.carnival.actInfo/1?data=%7B%22activityId%22%3A989%7D&gw_ver=1&plat=h5&ct=1589553341290&appname=fordeal&sign=45b71d9912cf7328918eb7837c1e2a9f
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
287e55b2ea1239677efe34a59661fdb7288750768664bdddb0a6b5a2cb519a3f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
service-rt
1
gw-code
1001
cf-request-id
02ba5c3da900006461df853200000001
s_timestamp
1589553341
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
22
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-promotion-carnival-prod-026122
gw-st
1589553341913
cf-ray
593d9642ab7b6461-FRA
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,Authorization
front-end-https
on
1
gw.fordeal.com/gw/dwp.common.serverTime/
101 B
311 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.common.serverTime/1?data=&gw_ver=1&plat=h5&ct=1589553341291&appname=fordeal&sign=8dfbb3e3f0e5d7e43af5b5b9e9f79d82
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4847a2d7a2d9d2d2f43c43ccfe058803a1d7578df24a610162b426c18d8adf
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
gw-code
1001
cf-request-id
02ba5c3da900006461df854200000001
s_timestamp
1589553341
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
17
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT
cache-control
no-cache
access-control-allow-credentials
true
gw-st
1589553341927
cf-ray
593d9642ab7d6461-FRA
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,Authorization
front-end-https
on
dotRecords
dot-hub-x.fordeal.com/api/v2/
32 B
414 B
XHR
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.141.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-141-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
status
200
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
1
gw.fordeal.com/gw/dwp.cheetah.get/
496 B
443 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.get/1?data=%7B%22pid%22%3A%22987%22%7D&gw_ver=1&plat=h5&ct=1589553341297&appname=fordeal&sign=76fbad560a70bcadf64473110cffe3f2
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2736635b3e35d5834e9263ae36f067b7bffc34750a7300e11f24278d3ea43840
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
service-rt
4
gw-code
1001
cf-request-id
02ba5c3da900006461df850200000001
s_timestamp
1589553341
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
23
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT
cache-control
no-cache
access-control-allow-credentials
true
real-server
cheetah-1
gw-st
1589553341916
cf-ray
593d9642ab786461-FRA
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,Authorization
front-end-https
on
1
gw.fordeal.com/gw/dwp.cheetah.get/
1 KB
2 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.get/1?data=%7B%22pid%22%3A%22989%22%7D&gw_ver=1&plat=h5&ct=1589553341298&appname=fordeal&sign=b9253577d5af5681107dc545cebb042d
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02250b37f104092be7ace96d3195cbb7c94becff331025244836567a703527e2
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
service-rt
4
gw-code
1001
cf-request-id
02ba5c3da900006461df851200000001
s_timestamp
1589553341
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
13
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT
cache-control
no-cache
access-control-allow-credentials
true
real-server
cheetah-1
gw-st
1589553341907
cf-ray
593d9642ab796461-FRA
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,Authorization
front-end-https
on
dotRecord
dot.fordeal.com/api/
32 B
414 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotRecord
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.129.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-129-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
status
200
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
dotRecords
dot-hub-x.fordeal.com/api/v2/
32 B
405 B
XHR
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.141.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-141-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
status
200
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
scevent.min.js
sc-static.net/
13 KB
6 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.183.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-52.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd8f385869a47be15376dbb1f5a2430896e483058c00921884294bf94da1e7c1

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 19:05:54 GMT
content-encoding
gzip
last-modified
Fri, 08 May 2020 19:05:52 GMT
server
AmazonS3
age
70187
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
pUas1LqLIMydHKD01PPwtb7q2HefxuIB4RoPJWfZv8xBa9PWgww_cg==
via
1.1 9a017d15c75b3a14dee95340cd7042cb.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/
131 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
i605u5FGUL/c751VJnuLX8T470ylBdmu+BlH80mlbla+NjbUl9F7MF/m3fLM7mDZL27bATo8oj+NzOrJjm8kHw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 15 May 2020 14:35:41 GMT, Fri, 15 May 2020 14:35:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-927470498
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38f2f2b4e2d38b9d5788a9d358205fa29b61712fa749cd6e031ed1e3d785867a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33136
x-xss-protection
0
last-modified
Fri, 15 May 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 May 2020 14:35:41 GMT
gtm.js
www.googletagmanager.com/
55 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WX32JG
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7df328a33777216cd0a0470eb168c7c7292ddc51d2cd087cb758b293af94aa36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22369
x-xss-protection
0
last-modified
Fri, 15 May 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 May 2020 14:35:41 GMT
js
www.googletagmanager.com/gtag/
116 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PN9BVHQEMH
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d14b4ea9cc906ee22bdc5e2f588bcb368d039799bf6d6cf93b04d8048d01f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45019
x-xss-protection
0
expires
Fri, 15 May 2020 14:35:41 GMT
branch-latest.min.js
cdn.branch.io/
77 KB
23 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-104.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ce0af26a33dbf8034a0f13214bff3065273f56b42c341a81b18bbd72e9ae976

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
lBD18HpOfsX1wwpc_Qxr_kNzc3sKN8wd
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 06 Apr 2020 19:26:50 GMT
Server
AmazonS3
Age
65
ETag
"679c46452ad6065e9fc48f5cc0478185"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
Cache-Control
max-age=300
Date
Fri, 15 May 2020 14:34:44 GMT
X-Amz-Cf-Pop
HAM50-C1
Content-Length
23130
X-Amz-Cf-Id
Ep1KK6BpBBn84agIHVPV-m3RJHmqlZYS_LiJqS4Ac2CcCpdTlyE-uw==
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
age
61453
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4046-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1589553341.355023,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
1
gw.fordeal.com/gw/dwp.customerCenter.get_phone/
87 B
207 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.customerCenter.get_phone/1?data=&gw_ver=1&plat=h5&ct=1589553341330&appname=fordeal&sign=fb2839c57568b10bab63a03223d67f7a
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06462b9cde8acdb46d6ad810b2cca2aff934fcf1749f2569f342ce3e0a95d063
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
service-rt
2
gw-code
1001
cf-request-id
02ba5c3da900006461df852200000001
s_timestamp
1589553341
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
22
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT
cache-control
no-cache
access-control-allow-credentials
true
real-server
prod-customer-center-001124
gw-st
1589553341918
cf-ray
593d9642ab7a6461-FRA
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,Authorization
front-end-https
on
171574500264944
connect.facebook.net/signals/config/
516 KB
129 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/171574500264944?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dd8a632dfa7779d548ba8c7a7267efac38e439aa195cef5ad7d046a94617a5a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131720
x-xss-protection
0
pragma
public
x-fb-debug
3Dlc8PH4FP4CmKAPPsVzcMeA63Osn/8b0eaMdhqVC4BCC/Ow4t4IDWeNWPusMANAP52W4X8gC2WBZX9VMbylYg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 15 May 2020 14:35:41 GMT, Fri, 15 May 2020 14:35:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
28 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-927470498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10882
x-xss-protection
0
server
cafe
etag
5410868192711959244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 May 2020 14:35:41 GMT
js
www.googletagmanager.com/gtag/
116 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PN9BVHQEMH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-927470498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9a4844c8b9dc7dd9280cd95d16b4859e9a25a0575fca82acacd147343f6f024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45039
x-xss-protection
0
expires
Fri, 15 May 2020 14:35:41 GMT
adsct
t.co/i/
43 B
171 B
Image
General
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2wdm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
105
pragma
no-cache
last-modified
Fri, 15 May 2020 14:35:41 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b7447563522ad8a22fd0d48c1cd5b8cf
x-transaction
005922e600797f74
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
analytics.google.com/g/
0
175 B
Other
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-PN9BVHQEMH&gtm=2oe561&_p=1847732360&sr=1600x1200&_gaz=1&ul=en-us&cid=1832377340.1589553341&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989&dr=http%3A%2F%2Ff0r.co%2FjK6g&dt=fordeal&sid=1589553341&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PN9BVHQEMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:41 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://act.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
107 B
Other
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PN9BVHQEMH&cid=1832377340.1589553341&gtm=2oe561&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PN9BVHQEMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:41 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://act.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PN9BVHQEMH&cid=1832377340.1589553341&gtm=2oe561&aip=1&z=313285951
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/?random=1589553341485&cv=9&fst=1589553341485&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa561&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.&ref=http%3A%2F%2Ff0r.co%2FjK6g&tiba=fordeal&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b73603b6ec68550a682c9588d5a61a6b3ff1b3240f333a4ca6864c396ffa88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1261
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_r
app.link/
90 B
725 B
Script
General
Full URL
https://app.link/_r?sdk=web2.53.1&branch_key=key_live_pgNaS6ti52mXzBeOV4FlAkfhEBfccw5b&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:8600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
bc4293a2a1e7f8b4452ee9f9aa0f4ded36a33d211d6389abe100c959787fb950
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 14:35:41 GMT
Via
1.1 b16df885683d0bb71fd074a9a72b1dc8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty/1.13.6.2
X-Amz-Cf-Pop
HAM50-C2
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-kwOYS33LiLP6GSzhdmOzVLMwjc0"
X-Amz-Cf-Id
rkHJD3befE_0Ie6paSzm90BDqyaOb4w7r0YK_moaVvHaNtatiw-j7Q==
/
www.google.com/pagead/1p-user-list/927470498/
42 B
153 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/927470498/?random=1589553341485&cv=9&fst=1589551200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa561&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.&ref=http%3A%2F%2Ff0r.co%2FjK6g&tiba=fordeal&async=1&fmt=3&is_vtc=1&random=1288378203&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/927470498/
42 B
153 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/927470498/?random=1589553341485&cv=9&fst=1589551200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa561&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.&ref=http%3A%2F%2Ff0r.co%2FjK6g&tiba=fordeal&async=1&fmt=3&is_vtc=1&random=1288378203&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1232841863581518
connect.facebook.net/signals/config/
516 KB
129 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1232841863581518?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca221bd3d5d4d8c7588c9336fea35a3bc3b2455f6d79e6454d7db29c99ee0753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131682
x-xss-protection
0
pragma
public
x-fb-debug
TPrvoZbqbdQ5JEMlVA56uuew95de9q0UI2apaT2ngiIHC2ofgbib92M0mLWh3eJxz3TA5aJQe134V+nyWORU1g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 15 May 2020 14:35:41 GMT, Fri, 15 May 2020 14:35:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
254 B
Image
General
Full URL
https://www.facebook.com/tr/?id=171574500264944&ev=PageView&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989&rl=http%3A%2F%2Ff0r.co%2FjK6g&if=false&ts=1589553341577&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589553341576.601610537&it=1589553341368&coo=false&rqm=GET
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT, Fri, 15 May 2020 14:35:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 May 2020 14:35:41 GMT
/
www.facebook.com/tr/
44 B
208 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989&rl=http%3A%2F%2Ff0r.co%2FjK6g&if=false&ts=1589553341580&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589553341576.601610537&it=1589553341368&coo=false&rqm=GET
Requested by
Host: act.fordeal.com
URL: https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT, Fri, 15 May 2020 14:35:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 May 2020 14:35:41 GMT
open
api2.branch.io/v1/
264 B
552 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
6b23bb293c2ba9a6dce1b8e5ff162bae2dbb7391f9a954d44483f8ac18883079

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
via
1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
HAM50-C2
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
264
x-amz-cf-id
gHHrIXpayy1ctcWc4cPF4FvFLAelIwmPohWG9_TLljDQDKfO8Uv95A==
adsct
analytics.twitter.com/i/
31 B
284 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o2wdm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Fri, 15 May 2020 14:35:41 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
72097562cdb84944efb12767bb82d882
x-transaction
004d966600ccc874
expires
Tue, 31 Mar 1981 05:00:00 GMT
pageview
api2.branch.io/v1/
28 B
362 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 15 May 2020 14:35:42 GMT
via
1.1 e028ce7d5e71301b0e973ef66c9bbff9.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
HAM50-C2
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
-PAZDiwhy1aHKyN36KkyDGojXD_1-iWoXd36U00T3cr3IRwCRvV9gw==
1
gw.fordeal.com/gw/dwp.cheetah.get/
376 B
413 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.get/1?data=%7B%22pid%22%3A%221946%22%7D&gw_ver=1&plat=h5&ct=1589553341936&appname=fordeal&sign=374b74911dd105a7a15dfbf52bf4e5d0
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d75148793359d4b81775bfdb909425bedb918a24cfa7e4e95d625ec9ceef2d
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
service-rt
4
gw-code
1001
cf-request-id
02ba5c3df200006461df859200000001
s_timestamp
1589553341
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
gw-rt
34
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT
cache-control
no-cache
access-control-allow-credentials
true
real-server
cheetah-2
gw-st
1589553341997
cf-ray
593d96431bc56461-FRA
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,Authorization
front-end-https
on
i
tr.snapchat.com/cm/ Frame 822B
0
0
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=765c7dbd-7208-491e-869b-293ae96b9453
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=765c7dbd-7208-491e-869b-293ae96b9453
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989

Response headers

status
200
server
nginx/1.17.3
date
Fri, 15 May 2020 14:35:42 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ Frame 41D6
0
0
Document
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
888
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://act.fordeal.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://act.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989

Response headers

status
200
server
nginx/1.17.3
date
Fri, 15 May 2020 14:35:42 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItInG4K56jBKzjeNpPC0rGdCONjWODKtB/ofjQ1qyAPaQz2ah+7H2gtMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/
44 B
152 B
Image
General
Full URL
https://www.facebook.com/tr/?id=171574500264944&ev=Microdata&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989&rl=http%3A%2F%2Ff0r.co%2FjK6g&if=false&ts=1589553342080&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Fordeal%22%2C%22meta%3Adescription%22%3A%22fordeal%22%2C%22meta%3Akeywords%22%3A%22fordeal%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22fordeal%22%2C%22og%3Adescription%22%3A%22fordeal%22%2C%22og%3Aimage%22%3A%22%2F%2Fs3.forcloudcdn.com%2Fdmc%2Fb1daedd8-c2cb-4f64-a428-7a6bd0b7618a-400x400.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589553341576.601610537&it=1589553341368&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:42 GMT, Fri, 15 May 2020 14:35:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 May 2020 14:35:42 GMT
/
www.facebook.com/tr/
44 B
106 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=Microdata&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989&rl=http%3A%2F%2Ff0r.co%2FjK6g&if=false&ts=1589553342081&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Fordeal%22%2C%22meta%3Adescription%22%3A%22fordeal%22%2C%22meta%3Akeywords%22%3A%22fordeal%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22fordeal%22%2C%22og%3Adescription%22%3A%22fordeal%22%2C%22og%3Aimage%22%3A%22%2F%2Fs3.forcloudcdn.com%2Fdmc%2Fb1daedd8-c2cb-4f64-a428-7a6bd0b7618a-400x400.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589553341576.601610537&it=1589553341368&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 14:35:42 GMT, Fri, 15 May 2020 14:35:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 May 2020 14:35:42 GMT
dotMets
client-metrics.fordeal.com/api/
32 B
269 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 May 2020 14:35:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
593d9649b8b36461-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
cf-request-id
02ba5c421300006461df904200000001
dotMets
client-metrics.fordeal.com/api/
32 B
288 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 May 2020 14:35:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://act.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
593d9655187e6461-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
cf-request-id
02ba5c493000006461df949200000001
collect
analytics.google.com/g/
0
44 B
Other
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-PN9BVHQEMH&gtm=2oe561&_p=1847732360&sr=1600x1200&ul=en-us&cid=1832377340.1589553341&_s=2&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fshare_wincode4%3Fpage_name%3Dshare%26pid%3D989%26customer_trace%3Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%26branch_link%3Dhttps%253A%252F%252Ffo.app.link%253Faf_dp%253Dhttps%25253A%25252F%25252Fact.fordeal.com%25252Fact%25252Fshare_wincode4%25253Ffd_data%25253Dy5EKAco7GfFrC0Br1FevtS%2525252FWRqvrafYorf%2525252BBfRo%2525252FPSGzb4lMsgIaqA%2525253D%2525253D%252526page_name%25253Ddetail%252526f%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526customer_trace%25253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%252526pid%25253D989%26lan%3Den%26act_promotion_short_url%3D989&dr=http%3A%2F%2Ff0r.co%2FjK6g&dt=fordeal&sid=1589553341&sct=1&seg=0&en=scroll&_et=315&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PN9BVHQEMH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.fordeal.com/act/share_wincode4?page_name=share&pid=989&customer_trace=p_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1&branch_link=https%3A%2F%2Ffo.app.link%3Faf_dp%3Dhttps%253A%252F%252Fact.fordeal.com%252Fact%252Fshare_wincode4%253Ffd_data%253Dy5EKAco7GfFrC0Br1FevtS%25252FWRqvrafYorf%25252BBfRo%25252FPSGzb4lMsgIaqA%25253D%25253D%2526page_name%253Ddetail%2526f%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526customer_trace%253Dp_fordeal.o_yezi.g_promo.c_winiphone1.t_20191216-160651.v_1%2526pid%253D989&lan=en&act_promotion_short_url=989
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 May 2020 14:35:46 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://act.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| lib number| rem number| dpr function| Vue function| axios function| Cookies object| F function| EventEmitter object| Mipha object| FdNative function| snaptr function| fbq function| _fbq object| dataLayer function| gtag object| branch function| twq object| google_tag_manager object| google_tag_data object| twttr object| gaGlobal function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.fordeal.com/ Name: _ga
Value: GA1.1.1832377340.1589553341
.fordeal.com/ Name: _fbp
Value: fb.1.1589553341576.601610537
.fordeal.com/ Name: _ga_PN9BVHQEMH
Value: GS1.1.1589553341.1.0.1589553341.60
.fordeal.com/ Name: web_id
Value: web_h5_79b12185448f4500811a5681fec194f6
.fordeal.com/ Name: __cfduid
Value: dd549e928ebbcd674eb7f3cfc293048731589553340

5 Console Messages

Source Level URL
Text
console-api warning URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js(Line 1)
Message:
not support ServiceWorker or fail to register
console-api warning URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js(Line 1)
Message:
not support ServiceWorker or fail to register
console-api log URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.1.0/url.js,libs/fd-dwp/1.5.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.4/native.js,libs/fd-logger/1.5.10/logger.js,libs/fd-tracker/1.5.9/tracker.js,libs/fd-promotion/1.1.3/promotion.js(Line 1)
Message:
%c monitor %c performance %c background:#35495e ; padding: 1px; border-radius: 3px 0 0 3px; color: #fff background:#d76156 ; padding: 1px; border-radius: 0 3px 3px 0; color: #fff background:transparent [object Object]
console-api log URL: https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.js(Line 1)
Message:
本地时间-系统时间: -0.298
console-api log URL: https://s3.forcloudcdn.com/assets/lego/713a06a15c7a0ac730622f125eff9818.js(Line 1)
Message:
本地时间-系统时间: -0.298

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.fordeal.com
analytics.google.com
analytics.twitter.com
api2.branch.io
app.link
cdn.branch.io
client-metrics.fordeal.com
connect.facebook.net
dot-hub-x.fordeal.com
dot.fordeal.com
f0r.co
googleads.g.doubleclick.net
gw.fordeal.com
s3.forcloudcdn.com
s4.forcloudcdn.com
sc-static.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.131
104.244.42.133
151.101.112.157
172.217.22.66
2600:9000:2016:400:11:f728:3040:93a1
2600:9000:2016:8600:19:9934:6a80:93a1
2606:4700:3033::681b:a440
2606:4700::6812:1491
2606:4700::6812:18c9
2606:4700::6812:19c9
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:809::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:821::2002
2a00:1450:400c:c0b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.255.141.85
35.186.226.184
52.222.182.104
54.154.129.93
54.230.183.52
02250b37f104092be7ace96d3195cbb7c94becff331025244836567a703527e2
06462b9cde8acdb46d6ad810b2cca2aff934fcf1749f2569f342ce3e0a95d063
0dd8a632dfa7779d548ba8c7a7267efac38e439aa195cef5ad7d046a94617a5a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d14b4ea9cc906ee22bdc5e2f588bcb368d039799bf6d6cf93b04d8048d01f53
20f2b7c4f6f460542ac14424e621a9aa42dbdd98447feb325b3e81e322598860
24fb81993af311d91f57d23c0873fd8e583b5dcb0c52cba6f309d927f3ab7210
2736635b3e35d5834e9263ae36f067b7bffc34750a7300e11f24278d3ea43840
287e55b2ea1239677efe34a59661fdb7288750768664bdddb0a6b5a2cb519a3f
297b94373ac9dee66c90ed0e96dea8e3bfcf8088843261fd36605347224a1e88
2d5a7c4b24455e89cbeb544b979a58ad393b52e398108243b4bb912cdac06966
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
38f2f2b4e2d38b9d5788a9d358205fa29b61712fa749cd6e031ed1e3d785867a
39254bbdb549566c3cf9afc576a91757e378655a7ed041bc17f211b06a83d4f7
44060c7470a2086818fdd3deb66ce23ef3c8452adfcf57ae7fc8224339cad48c
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
59b005ccf607fc29baf092de5670829415e808905fa0291433ee64221bb327c6
5da91137e71ed2a29f6a77330b14418934ea8a6b284339fdbff16dd7e79d7379
6b23bb293c2ba9a6dce1b8e5ff162bae2dbb7391f9a954d44483f8ac18883079
6ce0af26a33dbf8034a0f13214bff3065273f56b42c341a81b18bbd72e9ae976
7df328a33777216cd0a0470eb168c7c7292ddc51d2cd087cb758b293af94aa36
92936571082c4c9eaf6dfa3880dc8eebb7e9a1db216bd7feda21f283902d5c59
92d75148793359d4b81775bfdb909425bedb918a24cfa7e4e95d625ec9ceef2d
9be62cb8b620c2c4ca4c58f9937bc86abb96672036df251bc67627451497d1ca
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a9a4844c8b9dc7dd9280cd95d16b4859e9a25a0575fca82acacd147343f6f024
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae2da0e95fb2c36a7bfc05c04cac11298d76720b98e67d84519d915cd56dbe82
bc4293a2a1e7f8b4452ee9f9aa0f4ded36a33d211d6389abe100c959787fb950
c69baf2de80f927ca910d403b24e47521de784b1dd185b5e87d21b7a8f0775e9
c8b73603b6ec68550a682c9588d5a61a6b3ff1b3240f333a4ca6864c396ffa88
ca221bd3d5d4d8c7588c9336fea35a3bc3b2455f6d79e6454d7db29c99ee0753
ca583f6c15627e3c3df8b7b74047926a40e8aa90116a7adb391d3a747b25d776
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618
d3d625a7d417c0a9c570fc78a02ec4a6ccbaf3deee0de64e559d23ec3c0a5f96
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e897daa4dc1db36ea23f55c3af196ca430840107004c55cb2a4fb2159710e94d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f30717321c84679347ac1f33c9f1fad2733e33c1e20c6d04aec7a1185b93e7
fb4847a2d7a2d9d2d2f43c43ccfe058803a1d7578df24a610162b426c18d8adf
fb4e2d04430caea4ab165db3ca76083ca88f76355e5108887fc64ae13601b1a3
fd8f385869a47be15376dbb1f5a2430896e483058c00921884294bf94da1e7c1