act.fordeal.com Open in urlscan Pro
2606:4700::6812:1591  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://f0r.co/2FHUb Page URL
2. https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	2FHUb Show response f0r.co/	2 KB 2 KB	129ms 95ms	Document text/html	2606:4700:3036::6815:55c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://f0r.co/2FHUb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:55c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c16ade65be2d3413042ed0117d674823bdf27a0e7e291a0c0131d324af90a995 Request headers :method GET :authority f0r.co :scheme https :path /2FHUb pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:21 GMT content-type text/html;charset=UTF-8 set-cookie __cfduid=d1d7a8a19085ab0e4165771e0b4c6e4941611166461; expires=Fri, 19-Feb-21 18:14:21 GMT; path=/; domain=.f0r.co; HttpOnly; SameSite=Lax refresh 2;url=https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 content-language en-US cf-cache-status DYNAMIC cf-request-id 07c29a46dd0000323c18ab7000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9OGw3MJvk2U4xt9XugZ03%2BMs7Fk2KpBbtMj%2BkzZPf8tFKPNYFPVxGyZVWx%2BHkW3390RaOtkRHxwmh9bvqGOnVsn6EHKZI0U8973Bp2fUOW1a8rc%3D"}]} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 614ac65158c0323c-FRA content-encoding br
GET H2	200	37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif s3.forcloudcdn.com/dmc/	22 KB 22 KB	49ms 26ms	Image image/gif	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3.forcloudcdn.com/dmc/37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif Requested by Host: f0r.co URL: https://f0r.co/2FHUb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://f0r.co/2FHUb User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:21 GMT cf-cache-status HIT age 6795083 cf-polished status=not_needed cf-ray 614ac6522c4ad70d-FRA last-modified Fri, 06 Dec 2019 07:52:56 GMT content-length 22117 x-amz-id-2 qFV9sgyfWPneA8YVT2IaL8/WErEdPP3tlL5gBpj4XrHzSsYb316kC0pBM1d4oEIK1NAEdodUN6Q= cf-bgj imgq:100,h2pri server cloudflare etag "62dd0f63cae4843fc18ab7564786bc64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id FBED43F01FCEAA3E cache-control public, max-age=172800 x-amz-version-id FtEke91YknnGoXGULXLtEtsHvwDQOhhv cf-request-id 07c29a47560000d70d89957000000001 accept-ranges bytes content-type image/gif expires Fri, 22 Jan 2021 18:14:21 GMT
GET H2	200	Primary Request award Show response act.fordeal.com/act/game/share/	7 KB 7 KB	437ms 67ms	Document text/html	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Requested by Host: f0r.co URL: https://f0r.co/2FHUb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f03ab0c1cdc11b114efedb3533f00444424abb0f1c55ec606e3786365e24c18 Request headers :method GET :authority act.fordeal.com :scheme https :path /act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://f0r.co/2FHUb accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://f0r.co/2FHUb Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-length 6741 set-cookie __cfduid=d6351271ffb640ae2069d4a13e84102731611166462; expires=Fri, 19-Feb-21 18:14:22 GMT; path=/; domain=.fordeal.com; HttpOnly; SameSite=Lax; Secure cf-cache-status DYNAMIC cf-request-id 07c29a48b500000631b803f000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 614ac654583c0631-FRA
GET H2	200	index.css s4.forcloudcdn.com/-/libs/fd-base-style/1.3.2/base.css,libs/fd-lego-base/1.2.7/	22 KB 12 KB	273ms 64ms	Stylesheet text/css	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s4.forcloudcdn.com/-/libs/fd-base-style/1.3.2/base.css,libs/fd-lego-base/1.2.7/index.css Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f40a0f58b1a580d3a19f606a7babec916e4b1a881e14d5df77385ed754001b7c Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status HIT age 3172 cf-polished origSize=22879 x-cache-status HIT last-modified Tue, 27 Oct 2020 02:36:41 GMT web aws-ir1-front-cdnsrc-017149 cf-request-id 07c29a49fb0000d70d75bca000000001 cf-bgj minify server cloudflare etag W/"595f-t0WJvawEBzCeNBAzKHT2Nqg/Hs4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type text/css; charset=utf-8 cache-control public, max-age=172800 cf-ray 614ac6564e32d70d-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	d6af3475a0be820c06920268c147a1d1.css s3.forcloudcdn.com/assets/lego/	39 KB 11 KB	16ms 16ms	Stylesheet text/css	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.forcloudcdn.com/assets/lego/d6af3475a0be820c06920268c147a1d1.css Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 164c7144fc315021e9abe0b26367b4d6718abd1da4e4caf689aa0fdcca4aab8c Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status HIT age 2211357 cf-polished origSize=39513 last-modified Thu, 03 Dec 2020 02:40:47 GMT x-amz-request-id 57E9B6D6BFB00F4D x-amz-id-2 1j6yWLZPnIE/yGepUSTDnakLs1jDDizqdMDxQ0t57WRKsPlY/PnBl+LF/+k+m86QkcAyHmsHJN8= cf-bgj minify server cloudflare etag W/"fd0af967eddc0499479eea2807ca5c3d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=172800 x-amz-version-id TaT9VMhqmjJdIZxO.75l3s2cvJafVOP3 cf-request-id 07c29a49040000d70d48168000000001 cf-ray 614ac654dab4d70d-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	favicon.png s3.forcloudcdn.com/	176 B 493 B	30ms 29ms	Image image/webp	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3.forcloudcdn.com/favicon.png Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae4f0e529fd049ee6c6211d0993b2abb8770feb295069037e6833926b9d2f3ec Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT cf-cache-status HIT age 421311 cf-polished origFmt=png, origSize=268 last-modified Sat, 12 Sep 2020 11:50:02 GMT content-length 176 content-disposition inline; filename="favicon.webp" x-amz-request-id CB3C88F39766D9D9 x-amz-id-2 i728feUwNUIjC3t1YaHfJ73xQXq2S6ESHlcFAOAb//k03OynxZovFX+NZq6KXUY6oDNmyFl8O54= cf-bgj imgq:100,h2pri server cloudflare etag "e8e99d8cec7157963e4717c8480e8516" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp cache-control public, max-age=172800 x-amz-version-id YLQ4VTKqEnhUdDcQfjgd57F.vNJngUTm cf-request-id 07c29a4a180000d70d289e0000000001 accept-ranges bytes cf-ray 614ac6568ebdd70d-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	cdef6048-715b-40de-8cd5-94353ae4dc80-530x100.png s3.forcloudcdn.com/dmc/	19 KB 19 KB	31ms 30ms	Image image/webp	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3.forcloudcdn.com/dmc/cdef6048-715b-40de-8cd5-94353ae4dc80-530x100.png Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa61544d9ef006498f3fafbf1c26654d094597ab75ee8f9bb586acbc417d3821 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT cf-cache-status HIT age 592803 cf-polished origFmt=png, origSize=21623 last-modified Fri, 09 Oct 2020 12:53:37 GMT content-length 19280 content-disposition inline; filename="cdef6048-715b-40de-8cd5-94353ae4dc80-530x100.webp" x-amz-request-id 239072BFCEEF8750 x-amz-id-2 nDaWn+LfgUl7Q1irbXIJUngFhf4zKm/a3hSFTOFlMWeZMUcGl2MxbAhXygazWBka7KCkbVgnku4= cf-bgj imgq:100,h2pri server cloudflare etag "e7f273176159c39e4a446b7b4692f94a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp cache-control public, max-age=172800 x-amz-version-id QcwcAdJmqMT1EXe5_1nwlyOpd6Ikad3o cf-request-id 07c29a4a190000d70d2f092000000001 accept-ranges bytes cf-ray 614ac6568ec0d70d-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	js.cookie.js Show response s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/	79 KB 28 KB	229ms 23ms	Script application/javascript	2606:4700::6812:18c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae2da0e95fb2c36a7bfc05c04cac11298d76720b98e67d84519d915cd56dbe82 Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status HIT age 4970 cf-polished origSize=81621 x-cache-status HIT last-modified Tue, 03 Mar 2020 02:40:08 GMT web aws-ir1-front-cdnsrc-017149 cf-request-id 07c29a49e300004a9275028000000001 cf-bgj minify server cloudflare etag W/"13ed5-5h2nPdk4CmU5f8qYqWstdQ7INcI" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=172800 cf-ray 614ac65638664a92-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	base.js Show response s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.4.1/f.js,libs/fd-image/1.4.1/image.js,libs/fd-base/1.4.0/	46 KB 16 KB	19ms 18ms	Script application/javascript	2606:4700::6812:18c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.4.1/f.js,libs/fd-image/1.4.1/image.js,libs/fd-base/1.4.0/base.js?v=1 Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d3634fd05c9cf148e6476ed6ef6e10142adef31693b3be7bf5d38b03bfaa43c Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status HIT age 2872 cf-polished origSize=46837 x-cache-status HIT last-modified Mon, 26 Oct 2020 05:51:21 GMT web aws-ir1-front-cdnsrc-031095 cf-request-id 07c29a4a0100004a928c074000000001 cf-bgj minify server cloudflare etag W/"b6f5-xUR/u2xE7+PGxk7hiA8djrppPL0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=172800 cf-ray 614ac65668f24a92-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	promotion.js Show response s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd...	120 KB 32 KB	47ms 47ms	Script application/javascript	2606:4700::6812:18c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd-tracker/2.1.1/tracker.js,libs/fd-promotion/1.5.1/promotion.js?v=1 Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eb740c16639a6d9ac7d44b4d03889fc7be596fc1674caf25011fbd5dac8c14e Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status REVALIDATED cf-polished origSize=122761 x-cache-status HIT last-modified Thu, 12 Nov 2020 03:51:34 GMT web aws-ir1-front-cdnsrc-031095 cf-request-id 07c29a4a1600004a92831c3000000001 cf-bgj minify server cloudflare etag W/"1df89-zFJygrXPpSJflTZ2qWioDwOo1m4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=172800 cf-ray 614ac65689554a92-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	native-external.js Show response s4.forcloudcdn.com/-/libs/fd-mipha-core/2.4.0/app.js,libs/fd-lego-base/1.2.7/index.js,libs/fd-native-app/1.2.8/	20 KB 6 KB	42ms 41ms	Script application/javascript	2606:4700::6812:18c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s4.forcloudcdn.com/-/libs/fd-mipha-core/2.4.0/app.js,libs/fd-lego-base/1.2.7/index.js,libs/fd-native-app/1.2.8/native-external.js?v=1 Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 991be07ea791d1a2b5133b3cf2569dc64205aa37ea37f292ecc55f4ae994728b Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status REVALIDATED cf-polished origSize=20080 x-cache-status HIT last-modified Tue, 27 Oct 2020 02:36:41 GMT web aws-ir1-front-cdnsrc-031095 cf-request-id 07c29a4a1800004a92940cd000000001 cf-bgj minify server cloudflare etag W/"4e70-THG92ztLLOHgCxOz735NI1hGmsg" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=172800 cf-ray 614ac65689644a92-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	d6af3475a0be820c06920268c147a1d1.js Show response s3.forcloudcdn.com/assets/lego/	101 KB 29 KB	27ms 26ms	Script application/javascript	2606:4700::6812:18c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.forcloudcdn.com/assets/lego/d6af3475a0be820c06920268c147a1d1.js?v=1 Requested by Host: act.fordeal.com URL: https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c82c519a0e42030edefca4f3377c96eb526d855206c492e43a4650edfcec39aa Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 3854839 last-modified Thu, 03 Dec 2020 02:40:47 GMT x-amz-request-id 477DF1B5C5BF2B53 x-amz-id-2 r3+YOjpiInvbGwz3cYrtRKdgdtDXqPoGFKC7IlVOAPgXnhQ7qyNv/X0YJOo1MR0WXBvK2BxpWt4= cf-bgj minify server cloudflare etag W/"55b214e189a1ddd9182787648cd45578" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 6000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=172800 x-amz-version-id 8pCgVPRefJlAqlMX6yyUhJoUR8gcqBJ5 cf-request-id 07c29a4a1900004a927d9b8000000001 cf-ray 614ac65689664a92-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET H2	200	1 Show response gw.fordeal.com/gw/dwp.horizon.clientHttpRate/	101 B 1 KB	63ms 55ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gw.fordeal.com/gw/dwp.horizon.clientHttpRate/1?data=&gw_ver=1&plat=h5&ct=1611166462557&appname=fordeal&sign=bdf633aec1059f0b178048bc0c05e39b Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81bd3f9cfa4e8048c31e25c4c8d3a6f344418c0bfd6722ba03fb9cd3844398d7 Security Headers Name Value X-Frame-Options ALLOW-FROM https://www.snapchat.com Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers gw-trace-sampling 0 date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status DYNAMIC access-control-max-age 3600 service-rt 0 gw-code 1001 cf-request-id 07c29a4a6b0000063190102000000001 s_timestamp 1611166462 server cloudflare x-frame-options ALLOW-FROM https://www.snapchat.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" front-end-https on access-control-allow-methods POST, GET, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com gw-rt 11 access-control-expose-headers GW-ST,GW-Code,gw-set-cookie,GW-RT,gw-trace-id cache-control no-cache access-control-allow-credentials true real-server aws-ir1-base-horizon-prod-017184 gw-st 1611166462606 cf-ray 614ac65718d60631-FRA access-control-allow-headers Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain gw-trace-id 0.1d74b616c3c74fbd9461252bd3cf31ce.1750.16111664625954065
GET DATA	200 OK	truncated /	298 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b44163cb03740958fbf8b38b70317a2ec56567515513f86d37baca0dccd04a3c Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	1 Show response gw.fordeal.com/gw/dwp.common.serverTime/	101 B 243 B	59ms 58ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gw.fordeal.com/gw/dwp.common.serverTime/1?data=&gw_ver=1&plat=h5&ct=1611166462584&appname=fordeal&sign=4d1761c2649a35271e36e31c319b62d4 Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b6104b0666c4a45f5f7868917449bd17b54293ab9c5c936aebd9ae481365331 Security Headers Name Value X-Frame-Options ALLOW-FROM https://www.snapchat.com Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers gw-trace-sampling 0 date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status DYNAMIC access-control-max-age 3600 gw-code 1001 cf-request-id 07c29a4a7e00000631d2b80000000001 s_timestamp 1611166462 server cloudflare x-frame-options ALLOW-FROM https://www.snapchat.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" front-end-https on access-control-allow-methods POST, GET, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com gw-rt 1 access-control-expose-headers GW-ST,GW-Code,gw-set-cookie,GW-RT,gw-trace-id cache-control no-cache access-control-allow-credentials true gw-st 1611166462627 cf-ray 614ac65729440631-FRA access-control-allow-headers Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain gw-trace-id 0.5ebed3d3ca68434bb6da2dd3cfcfe132.142.16111664626269168
GET H2	200	b6f0e50e-ae85-4b75-a6b9-fc2d06e6933c-650x140.png s3.forcloudcdn.com/dmc/	11 KB 12 KB	20ms 20ms	Image image/webp	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s3.forcloudcdn.com/dmc/b6f0e50e-ae85-4b75-a6b9-fc2d06e6933c-650x140.png Requested by Host: s3.forcloudcdn.com URL: https://s3.forcloudcdn.com/assets/lego/d6af3475a0be820c06920268c147a1d1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f39624b6c39016601d7d80b2b921c2fcd68ccfce86210dae6d837a42c05bc0b Request headers Referer https://s3.forcloudcdn.com/assets/lego/d6af3475a0be820c06920268c147a1d1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT cf-cache-status HIT age 423613 cf-polished origFmt=png, origSize=12864 last-modified Tue, 06 Oct 2020 13:21:05 GMT content-length 11292 content-disposition inline; filename="b6f0e50e-ae85-4b75-a6b9-fc2d06e6933c-650x140.webp" x-amz-request-id F8E0718893E60C4B x-amz-id-2 LX59uF9gFtqc4HjY2eY2wmoOQtXgVsfBsBWFu+288lVybe92wL99Nu1JYULdpTtva8j8egKqp54= cf-bgj imgq:100,h2pri server cloudflare etag "783f6d6a2061c65e5015ef6078c9ed3c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp cache-control public, max-age=172800 x-amz-version-id nugn7haYPP7irL0d_6Tea7ShgqCUsFwy cf-request-id 07c29a4a7f0000d70d512d5000000001 accept-ranges bytes cf-ray 614ac657381dd70d-FRA expires Fri, 22 Jan 2021 18:14:22 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0746983372f1b7e048c04f4b0b56b8f30d7b6240dc366d45ed329044d2c48392 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
OPTIONS H2	204	dotRecords dot-hub-x.fordeal.com/api/v2/ Frame	0 0	241ms 60ms	Other	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dot-hub-x.fordeal.com/api/v2/dotRecords Protocol H2 Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://act.fordeal.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 20 Jan 2021 18:14:22 GMT access-control-allow-origin https://act.fordeal.com access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS access-control-max-age 86400 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH cf-cache-status DYNAMIC cf-request-id 07c29a4b990000d6cdf634c000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 614ac658e8fdd6cd-FRA
POST H2	200	dotRecords Show response dot-hub-x.fordeal.com/api/v2/	32 B 164 B	95ms 95ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dot-hub-x.fordeal.com/api/v2/dotRecords Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618 Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary accept-encoding access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 614ac659588f0631-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token cf-request-id 07c29a4bd200000631b7b84000000001
POST H2	200	dotRecord Show response dot.fordeal.com/api/	32 B 330 B	221ms 56ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dot.fordeal.com/api/dotRecord Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618 Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 20 Jan 2021 18:14:22 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary accept-encoding access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 614ac658de8a0631-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token cf-request-id 07c29a4b8500000631a2a08000000001
GET H2	200	fd.promotion.config.json Show response h5.fordeal.com/	295 B 560 B	347ms 162ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://h5.fordeal.com/fd.promotion.config.json Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 814363ffdc3390936740954a636377a4f4e8542fdd28b8a8a3a5be904a384d52 Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method cf-cache-status DYNAMIC x-amz-request-id 23ED517AC97A3DAC cf-ray 614ac658f912d6cd-FRA x-amz-id-2 J/ijM0MW8ovY/IJ2uvh7KuZX3UIRxVSg6iXQEiHEW5OzNm156uZAsgamBjQ47UnyzFbp3UxsTpA= last-modified Tue, 13 Oct 2020 04:06:04 GMT server cloudflare etag W/"6d1b53d8c6d692cc68227abe8d5859d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 6000 access-control-allow-methods GET x-amz-version-id 655NV3XTTEQYQ6xxGoLABByrH3Wd6kNn access-control-allow-origin * cf-request-id 07c29a4ba00000d6cd2c37b000000001 content-type application/json
GET H2	200	9eb7615d-13ae-4c1b-8d79-c147238820a2-750x540.jpg_0.jpg s4.forcloudcdn.com/dmc/	19 KB 19 KB	20ms 19ms	Image image/jpeg	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s4.forcloudcdn.com/dmc/9eb7615d-13ae-4c1b-8d79-c147238820a2-750x540.jpg_0.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8148443d228eb296a94c0a9b59c9adce6e5dc45ec442df993673264fd63ac272 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT cf-cache-status HIT age 6618374 cf-polished origSize=21292, status=vary_header_present x-cache-status HIT last-modified Thu, 05 Nov 2020 03:46:41 GMT web aws-ir1-front-cdnsrc-031095 cf-request-id 07c29a4af80000d70d7b05c000000001 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type image/jpeg cache-control public, max-age=31536000 cf-ray 614ac657e9b0d70d-FRA expires Thu, 20 Jan 2022 18:14:22 GMT
GET H2	200	f510149e-49c6-489f-9979-6633d3228f6a-260x260.jpg_0.jpg s4.forcloudcdn.com/dmc/	6 KB 6 KB	16ms 16ms	Image image/jpeg	2606:4700::6812:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s4.forcloudcdn.com/dmc/f510149e-49c6-489f-9979-6633d3228f6a-260x260.jpg_0.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c654cc6f20fdbc364b6594b2c24e3aff4bdeb6ae88ab2438360c6ea11b1a20e Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:22 GMT cf-cache-status HIT age 6276044 cf-polished origSize=6648, status=vary_header_present x-cache-status HIT last-modified Mon, 09 Nov 2020 01:46:59 GMT web aws-ir1-front-cdnsrc-031095 cf-request-id 07c29a4af50000d70d7ba5d000000001 cf-bgj imgq:100,h2pri server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type image/jpeg cache-control public, max-age=31536000 cf-ray 614ac657e9b1d70d-FRA expires Thu, 20 Jan 2022 18:14:22 GMT
GET H2	200	scevent.min.js Show response sc-static.net/	13 KB 6 KB	136ms 61ms	Script application/javascript	65.9.73.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd-tracker/2.1.1/tracker.js,libs/fd-promotion/1.5.1/promotion.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.73.4 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9 Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding gzip server CloudFront x-amz-cf-pop AMS1-C1 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 5415 via 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront) x-amz-cf-id KDOckLx6QBTXT5PEovAgYqyMyU9aAVtZw1sIlDZ__-KlyD54e46imA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	91 KB 23 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd-tracker/2.1.1/tracker.js,libs/fd-promotion/1.5.1/promotion.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23762 x-fb-rlafr 0 pragma public x-fb-debug 7Sdtep6LMkPQyNfUusExTTWLSobJRSriLS3szH0URc6bw+YHgl8UzcrQ0CeQgapkvTgFAVv+EHAJkX9bwFiSeQ== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 20 Jan 2021 18:14:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	99 KB 40 KB	41ms 20ms	Script application/javascript	2a00:1450:4001:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-94012617-9 Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd-tracker/2.1.1/tracker.js,libs/fd-promotion/1.5.1/promotion.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dee5597fad886057617694c8f1f9afea7411d74e6bbf7f2fe973d6104d13a183 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://act.fordeal.com cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40044 x-xss-protection 0 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	99 KB 39 KB	47ms 26ms	Script application/javascript	2a00:1450:4001:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-94012617-8 Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd-tracker/2.1.1/tracker.js,libs/fd-promotion/1.5.1/promotion.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 17f20dc712984ef693e67939fb9dd23cb3166f44b61d7f332e07a08e8a23f1d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://act.fordeal.com cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39917 x-xss-protection 0 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H/1.1	200 OK	branch-latest.min.js Show response cdn.branch.io/	78 KB 24 KB	412ms 339ms	Script text/javascript	65.9.73.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.branch.io/branch-latest.min.js Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.3.1/url.js,libs/fd-dwp/1.7.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.8/native.js,libs/fd-f-dot/0.0.2/fDot.js,libs/fd-logger/1.8.0/logger.js,libs/fd-tracker/2.1.1/tracker.js,libs/fd-promotion/1.5.1/promotion.js?v=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.73.67 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3ff0169292598bec1751fce80d0024e2c9e55c406b7456ef3aefae30bf3a4efb Request headers Origin https://act.fordeal.com Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id c7Vvzbb8uKgHcC4eD_pqp123QB.GvKI. Content-Encoding gzip ETag "d4ba055ba82c0baa510053e92eb83211" X-Amz-Cf-Pop AMS1-C1 X-Cache RefreshHit from cloudfront Connection keep-alive Content-Length 23541 Access-Control-Allow-Origin * Last-Modified Thu, 19 Nov 2020 17:43:28 GMT Server AmazonS3 Date Wed, 20 Jan 2021 18:14:24 GMT Vary Origin Access-Control-Allow-Methods GET Content-Type text/javascript Via 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront) Cache-Control max-age=300 X-Amz-Cf-Id IMNTpk1QpoZ6bQRxn92TWAfkxRtmaPC3qZgl0JEcPoU9vPCABRybwQ==
GET H2	200	1 Show response gw.fordeal.com/gw/dwp.customerCenter.get_phone/	87 B 581 B	50ms 49ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gw.fordeal.com/gw/dwp.customerCenter.get_phone/1?data=&gw_ver=1&plat=h5&ct=1611166463041&appname=fordeal&sign=30ab1f594c10aea1c71b100da9704866 Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06462b9cde8acdb46d6ad810b2cca2aff934fcf1749f2569f342ce3e0a95d063 Security Headers Name Value X-Frame-Options ALLOW-FROM https://www.snapchat.com Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers gw-trace-sampling 0 date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br cf-cache-status DYNAMIC access-control-max-age 3600 service-rt 0 gw-code 1001 cf-request-id 07c29a4c4600000631e328b000000001 s_timestamp 1611166463 server cloudflare x-frame-options ALLOW-FROM https://www.snapchat.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" front-end-https on access-control-allow-methods POST, GET, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com gw-rt 3 access-control-expose-headers GW-ST,GW-Code,gw-set-cookie,GW-RT,gw-trace-id cache-control no-cache access-control-allow-credentials true real-server aws-ir1-trade-customer-center-prod-029116 gw-st 1611166463072 cf-ray 614ac65a0abd0631-FRA access-control-allow-headers Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain gw-trace-id 0.6a1a99935e0e4c3aa5277414ef0416b8.32.16111664630695274
GET H2	200	171574500264944 Show response connect.facebook.net/signals/config/	241 KB 69 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/171574500264944?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 80292afbff0219b514502857e0822d8d98db3e8a1cc00ebaf3ca9301ccb1ca5c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 70588 x-fb-rlafr 0 pragma public x-fb-debug nh0PQKVyjplGjubT/usJuKeCyDIERQJeUyDcv7GJRzNueG0r81JP1HVHKOZF1EhbAesXxvcHgXFPffO1rs7x6g== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 20 Jan 2021 18:14:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 1203531502 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	1232841863581518 Show response connect.facebook.net/signals/config/	240 KB 69 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1232841863581518?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9d351725ad43412559f15d1558e8ccb74d988b77a89ef33d2b747b6b5b36a179 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 70492 x-fb-rlafr 0 pragma public x-fb-debug 4bKVy91ju1e1ygZSD7a1ujYPrurg1ISf0EoLZWq7KzuQMR8iTtlIUCV4xlr9q0oGZXKYcsApePjIR+w+tC7B6w== x-fb-trip-id 917726464 x-frame-options DENY date Wed, 20 Jan 2021 18:14:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 113767419 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	135 KB 51 KB	54ms 39ms	Script application/javascript	2a00:1450:4001:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-9 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cd56569a95301c7bafa05fe082fbdad13163a6fcfb18824f18dde58a5180e309 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52658 x-xss-protection 0 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	49ms 36ms	Script application/javascript	2a00:1450:4001:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-9 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5f88fe831877e7367773acebc65e2119db94985e8713584b13975250bd0ff102 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38990 x-xss-protection 0 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	135 KB 51 KB	54ms 41ms	Script application/javascript	2a00:1450:4001:816::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8XPR1T5L4G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-9 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dcd85b8a836def05d72c48062b22aa202303c40aaaa9a515132794396dbdbc7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52656 x-xss-protection 0 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	948137468955233 Show response connect.facebook.net/signals/config/	241 KB 69 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/948137468955233?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7f10f6a02ff8dedcf5ccda22b9657db38ac8a77d35df330ce4aa1dee40c1d1b0 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 70584 x-fb-rlafr 0 pragma public x-fb-debug rdaiFzjLOxEOoovrBpZ6ooQPioyYPxzTEEHUg8Fk5HrGtXdsbdCUXdpwI9kceuU5ZnF5sjYKTIok3mrjH/IbrQ== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 20 Jan 2021 18:14:23 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 1924950400 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 259 B	10ms 9ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=171574500264944&ev=PageView&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&rl=https%3A%2F%2Ff0r.co%2F2FHUb&if=false&ts=1611166463156&cd[content_type]=product&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611166463155.520616390&it=1611166463064&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 212 B	11ms 10ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&rl=https%3A%2F%2Ff0r.co%2F2FHUb&if=false&ts=1611166463160&cd[content_type]=product&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611166463155.520616390&it=1611166463064&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 214 B	11ms 10ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=948137468955233&ev=PageView&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&rl=https%3A%2F%2Ff0r.co%2F2FHUb&if=false&ts=1611166463161&cd[content_type]=product&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611166463155.520616390&it=1611166463064&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	i tr.snapchat.com/cm/ Frame 3005	0 0	87ms 39ms	Document text/html	35.186.226.184 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=594717e0-8d76-4661-ba73-cab202295bb0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.226.186.35.bc.googleusercontent.com Software nginx/1.17.3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority tr.snapchat.com :scheme https :path /cm/i?pid=594717e0-8d76-4661-ba73-cab202295bb0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Response headers server nginx/1.17.3 date Wed, 20 Jan 2021 18:14:23 GMT content-type text/html content-length 0 strict-transport-security max-age=31536000; includeSubDomains via 1.1 google alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	204	collect analytics.google.com/g/	0 185 B	15ms 13ms	Other text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-EHRJ3G5MJS&gtm=2oe161&_p=1520061658&sr=1600x1200&_gaz=1&ul=en-us&cid=1134309294.1611166463&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&dr=https%3A%2F%2Ff0r.co%2F2FHUb&dt=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&sid=1611166463&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 73 B	15ms 15ms	Other text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EHRJ3G5MJS&cid=1134309294.1611166463&gtm=2oe161&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	30 KB 13 KB	104ms 42ms	Script text/javascript	172.217.16.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s11-in-f2.1e100.net Software cafe / Resource Hash 1d157c29dfc8ba436a3a545700d80415322d767a77590034b55ff420091a0891 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 12170 x-xss-protection 0 server cafe etag 6642675572417127675 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	33ms 33ms	Image image/gif	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EHRJ3G5MJS&cid=1134309294.1611166463&gtm=2oe161&aip=1&z=686767227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	204	collect analytics.google.com/g/	0 337 B	48ms 12ms	Other text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-8XPR1T5L4G&gtm=2oe161&_p=1520061658&sr=1600x1200&_gaz=1&ul=en-us&cid=1134309294.1611166463&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&dr=https%3A%2F%2Ff0r.co%2F2FHUb&dt=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&sid=1611166463&sct=1&seg=0&en=page_view&_fv=1&_ss=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8XPR1T5L4G&l=dataLayer&cx=c Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	204	collect stats.g.doubleclick.net/g/	0 337 B	44ms 15ms	Other text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8XPR1T5L4G&cid=1134309294.1611166463&gtm=2oe161&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8XPR1T5L4G&l=dataLayer&cx=c Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 2562 date Wed, 20 Jan 2021 17:31:41 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Wed, 20 Jan 2021 19:31:41 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	39ms 32ms	Image image/gif	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8XPR1T5L4G&cid=1134309294.1611166463&gtm=2oe161&aip=1&z=1771182756 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	p tr.snapchat.com/ Frame 03FB	0 0	109ms 47ms	Document text/html	35.186.226.184 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.226.186.35.bc.googleusercontent.com Software nginx/1.17.3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method POST :authority tr.snapchat.com :scheme https :path /p content-length 498 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://act.fordeal.com content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://act.fordeal.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Response headers server nginx/1.17.3 date Wed, 20 Jan 2021 18:14:23 GMT content-type text/html content-length 0 access-control-allow-origin * cache-control no-cache, no-transform set-cookie sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgDwIlIqE/VcaqBKRjeO7+Za6bskceG5LZ3uMVsitM6nqIKBEAO9vIPH6SAqDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure strict-transport-security max-age=31536000; includeSubDomains via 1.1 google alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-Q050	200	p tr.snapchat.com/ Frame 8032	0 0	109ms 48ms	Document text/html	35.186.226.184 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 184.226.186.35.bc.googleusercontent.com Software nginx/1.17.3 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method POST :authority tr.snapchat.com :scheme https :path /p content-length 498 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 origin https://act.fordeal.com content-type application/x-www-form-urlencoded user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin https://act.fordeal.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 Response headers server nginx/1.17.3 date Wed, 20 Jan 2021 18:14:23 GMT content-type text/html content-length 0 access-control-allow-origin * cache-control no-cache, no-transform set-cookie sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIeM6LjIPiFgxvG1xYT1NwbgucKbud0oVC3kS4zhjNjARj9AMUNi9dMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure strict-transport-security max-age=31536000; includeSubDomains via 1.1 google alt-svc h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 66 B	13ms 13ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1520061658&t=pageview&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&dr=https%3A%2F%2Ff0r.co%2F2FHUb&ul=en-us&de=UTF-8&dt=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=1986947277&gjid=1677343&cid=1134309294.1611166463&tid=UA-94012617-9&_gid=2110672789.1611166463&_r=1&gtm=2ou161&tc=x&z=1549924239 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 25 B	14ms 14ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1520061658&t=pageview&_s=1&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&dr=https%3A%2F%2Ff0r.co%2F2FHUb&ul=en-us&de=UTF-8&dt=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=2025332408&gjid=13670086&cid=1134309294.1611166463&tid=UA-94012617-8&_gid=2110672789.1611166463&_r=1&gtm=2ou161&z=1741368532 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-Q050	200	collect Show response stats.g.doubleclick.net/j/	4 B 109 B	18ms 18ms	XHR text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-94012617-8&cid=1134309294.1611166463&jid=2025332408&gjid=13670086&_gid=2110672789.1611166463&_u=IADAAUABAAAAAC~&z=30846707 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 20 Jan 2021 18:14:23 GMT content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	38ms 37ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-94012617-8&cid=1134309294.1611166463&jid=2025332408&_u=IADAAUABAAAAAC~&z=1256163735 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/	42 B 483 B	63ms 47ms	Image image/gif	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-94012617-8&cid=1134309294.1611166463&jid=2025332408&_u=IADAAUABAAAAAC~&z=1256163735 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/	3 KB 1 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/?random=1611166463385&cv=9&fst=1611166463385&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&ref=https%3A%2F%2Ff0r.co%2F2FHUb&tiba=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 322d2384da59ef22fa2f30ee11282ccd92639a5b46a046e2ce28a3b571c65c48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1234 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.com/pagead/1p-user-list/927470498/	42 B 530 B	63ms 41ms	Image image/gif	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/927470498/?random=1611166463385&cv=9&fst=1611165600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&ref=https%3A%2F%2Ff0r.co%2F2FHUb&tiba=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&async=1&fmt=3&is_vtc=1&random=1889829027&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-user-list/927470498/	42 B 112 B	23ms 20ms	Image image/gif	2a00:1450:4001:821::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/927470498/?random=1611166463385&cv=9&fst=1611165600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa161&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&ref=https%3A%2F%2Ff0r.co%2F2FHUb&tiba=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&async=1&fmt=3&is_vtc=1&random=1889829027&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	_r Show response app.link/	90 B 746 B	193ms 161ms	Script text/javascript	2600:9000:2104:a200:19:9934:6a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.link/_r?sdk=web2.57.1&branch_key=key_live_pgNaS6ti52mXzBeOV4FlAkfhEBfccw5b&callback=branch_callback__0 Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:a200:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty / Express Resource Hash 6c5e362e6a8c6b63871dc3aa7435f4003130aeacb59bd9ef90c1b40d0a668a2d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 20 Jan 2021 18:14:23 GMT Via 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront) X-Content-Type-Options nosniff Server openresty X-Amz-Cf-Pop AMS1-C1 X-Powered-By Express X-Cache Miss from cloudfront Content-Type text/javascript; charset=utf-8 Connection keep-alive Content-Length 90 ETag W/"5a-SLAUy1rnrVfLn4JQKFoIIcQZEE4" X-Amz-Cf-Id hl2v22z5RW3liWCpRtvVElcQq8SpLHCXem6FbyvztuzkFH_iln9CXA==
POST H2	200	1 Show response gw.fordeal.com/gw/dwp.growth-api-svr.attribution-form/	84 B 311 B	57ms 57ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gw.fordeal.com/gw/dwp.growth-api-svr.attribution-form/1 Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99fe5b992fef63317f47c9dddcb6bfae6f6ed983cf809a4181b7c6da8a334728 Security Headers Name Value X-Frame-Options ALLOW-FROM https://www.snapchat.com Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers gw-trace-sampling 0 date Wed, 20 Jan 2021 18:14:23 GMT content-encoding br cf-cache-status DYNAMIC access-control-max-age 3600 service-rt 11 gw-code 1001 cf-request-id 07c29a4e40000006319a37c000000001 s_timestamp 1611166463 server cloudflare x-frame-options ALLOW-FROM https://www.snapchat.com expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" front-end-https on access-control-allow-methods POST, GET, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com gw-rt 17 access-control-expose-headers GW-ST,GW-Code,gw-set-cookie,GW-RT,gw-trace-id cache-control no-cache access-control-allow-credentials true real-server aws-ir1-growth-growth-dwp-api-prod-031027 gw-st 1611166463590 cf-ray 614ac65d3e060631-FRA access-control-allow-headers Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain gw-trace-id 0.af79001cb5594659bafd9b400ee96836.1740.16111664635735929
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=171574500264944&ev=Microdata&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&rl=https%3A%2F%2Ff0r.co%2F2FHUb&if=false&ts=1611166463660&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!%20%22%2C%22meta%3Adescription%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22meta%3Akeywords%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22og%3Adescription%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.forcloudcdn.com%2Fdmc%2F7548244d-545a-448a-ad2b-480ccfeae7eb-750x600.jpg%22%2C%22og%3Asite_name%22%3A%22Fordeal%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611166463155.520616390&it=1611166463064&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	6ms 5ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1232841863581518&ev=Microdata&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&rl=https%3A%2F%2Ff0r.co%2F2FHUb&if=false&ts=1611166463662&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!%20%22%2C%22meta%3Adescription%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22meta%3Akeywords%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22og%3Adescription%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.forcloudcdn.com%2Fdmc%2F7548244d-545a-448a-ad2b-480ccfeae7eb-750x600.jpg%22%2C%22og%3Asite_name%22%3A%22Fordeal%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611166463155.520616390&it=1611166463064&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 20 Jan 2021 18:14:23 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=948137468955233&ev=Microdata&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&rl=https%3A%2F%2Ff0r.co%2F2FHUb&if=false&ts=1611166463663&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!%20%22%2C%22meta%3Adescription%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22meta%3Akeywords%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22og%3Adescription%22%3A%22%D8%A7%D9%8A%20%D9%81%D9%88%D9%86%2011%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D8%A8%D8%A7%D9%84%D9%86%D8%B3%D8%A8%D8%A9%20%D9%84%D9%83%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.forcloudcdn.com%2Fdmc%2F7548244d-545a-448a-ad2b-480ccfeae7eb-750x600.jpg%22%2C%22og%3Asite_name%22%3A%22Fordeal%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611166463155.520616390&it=1611166463064&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 20 Jan 2021 18:14:23 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 20 Jan 2021 18:14:23 GMT
POST H2	200	open Show response api2.branch.io/v1/	264 B 577 B	192ms 164ms	XHR application/json	2600:9000:2104:6200:11:f728:3040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.branch.io/v1/open Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:6200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 487996766a2936614235e86d7024812dac3e9002dc4b15ec8ee6f455b51cae5c Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 20 Jan 2021 18:14:23 GMT via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-C1 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control no-cache x-branch-request-id ab6ff0fff25e4517bba1adb349613e8c-2021012018 content-length 264 x-amz-cf-id ZMWdusHSVGcfXMrtDIVopeBclZpEKivi2GVTHS_Z-tA5oOxyLAkP8w==
POST H2	200	pageview Show response api2.branch.io/v1/	28 B 388 B	321ms 320ms	XHR application/json	2600:9000:2104:6200:11:f728:3040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api2.branch.io/v1/pageview Requested by Host: cdn.branch.io URL: https://cdn.branch.io/branch-latest.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:6200:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 20 Jan 2021 18:14:24 GMT via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-C1 x-powered-by Express etag W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY" x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * x-branch-request-id a06fc05c559944c0abb5153981ffee7c-2021012018 content-length 28 x-amz-cf-id C4WC_QvYZJKSxPVHxzkmrUtU1E-Ii-7P0Pfxb0xUoiKqP5kh7TnyOQ==
OPTIONS H2	204	dotMets client-metrics.fordeal.com/api/ Frame	0 0	424ms 48ms	Other	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client-metrics.fordeal.com/api/dotMets Protocol H2 Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://act.fordeal.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 20 Jan 2021 18:14:24 GMT access-control-allow-origin https://act.fordeal.com access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS access-control-max-age 86400 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH cf-cache-status DYNAMIC cf-request-id 07c29a51450000d6cdb1a53000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 614ac6620e56d6cd-FRA
POST H2	200	dotMets Show response client-metrics.fordeal.com/api/	32 B 250 B	104ms 104ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client-metrics.fordeal.com/api/dotMets Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618 Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Wed, 20 Jan 2021 18:14:24 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary accept-encoding access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 614ac6625fb30631-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token cf-request-id 07c29a517700000631ef208000000001
POST H2	200	dotData Show response dot.fordeal.com/api/	32 B 117 B	71ms 71ms	XHR application/json	2606:4700::6812:1591 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dot.fordeal.com/api/dotData Requested by Host: s4.forcloudcdn.com URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618 Request headers Accept application/json, text/plain, */* Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 20 Jan 2021 18:14:24 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary accept-encoding access-control-allow-methods GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS content-type application/json;charset=UTF-8 access-control-allow-origin https://act.fordeal.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 614ac6646e2f0631-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token cf-request-id 07c29a52c100000631973cc000000001
POST H2	204	collect analytics.google.com/g/	0 54 B	13ms 13ms	Other text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-EHRJ3G5MJS&gtm=2oe161&_p=1520061658&sr=1600x1200&ul=en-us&cid=1134309294.1611166463&_s=2&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&dr=https%3A%2F%2Ff0r.co%2F2FHUb&dt=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&sid=1611166463&sct=1&seg=0&en=scroll&_et=38&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect analytics.google.com/g/	0 45 B	14ms 14ms	Other text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-8XPR1T5L4G&gtm=2oe161&_p=1520061658&sr=1600x1200&ul=en-us&cid=1134309294.1611166463&_s=2&dl=https%3A%2F%2Fact.fordeal.com%2Fact%2Fgame%2Fshare%2Faward%3Ff%3Dp_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1%26fdData%3Duh7YFDmtax4K%252FURUkIHfvr76qSTY0LMSs2%252BJTLICGqg%253D%26act_promotion_short_url%3D110909%26lan%3Dar%26cur%3DSAR%26luckyNumber%3D1012&dr=https%3A%2F%2Ff0r.co%2F2FHUb&dt=iPhone%2012%20%D9%85%D8%AC%D8%A7%D9%86%D8%A7%20%D9%84%D9%83%20!&sid=1611166463&sct=1&seg=0&en=scroll&_et=20&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8XPR1T5L4G&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.fordeal.com/act/game/share/award?f=p_fordeal.o_bixin.g_promo.c_share-winiphone5.t_20201016-103445.v_1&fdData=uh7YFDmtax4K%2FURUkIHfvr76qSTY0LMSs2%2BJTLICGqg%3D&act_promotion_short_url=110909&lan=ar&cur=SAR&luckyNumber=1012 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 20 Jan 2021 18:14:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.fordeal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT