fabfitfun.com Open in urlscan Pro
23.20.47.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fabfitfun.com/
Effective URL:
https://fabfitfun.com/get-the-box
Submission: On May 31 via manual (May 31st 2022, 2:11:34 pm UTC) from US — Scanned from DE

Summary HTTP 272 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 63 IPs in 6 countries across 44 domains to perform 272 HTTP transactions. The main IP is 23.20.47.40, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is fabfitfun.com. The Cisco Umbrella rank of the primary domain is 120762.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 21st 2021. Valid for: a year.

This is the only time fabfitfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	23.20.47.40 23.20.47.40	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
17	2600:9000:215... 2600:9000:2156:c00:1a:c126:2b00:93a1	16509 (AMAZON-02) (AMAZON-02)
17	54.227.212.212 54.227.212.212	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.103.41 143.204.103.41	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	143.204.101.66 143.204.101.66	16509 (AMAZON-02) (AMAZON-02)
2	143.204.93.244 143.204.93.244	16509 (AMAZON-02) (AMAZON-02)
3	52.217.101.166 52.217.101.166	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2 5	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:e000:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.219.18.11 18.219.18.11	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.6 143.204.98.6	16509 (AMAZON-02) (AMAZON-02)
2	143.204.94.161 143.204.94.161	16509 (AMAZON-02) (AMAZON-02)
30	23.36.163.232 23.36.163.232	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	52.59.40.31 52.59.40.31	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:a800:1f:af3f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	54.217.253.227 54.217.253.227	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1746	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 8	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
9 9	54.216.196.145 54.216.196.145	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
13	34.194.240.189 34.194.240.189	14618 (AMAZON-AES) (AMAZON-AES)
6	34.234.23.220 34.234.23.220	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
1	143.204.95.34 143.204.95.34	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.86 108.157.4.86	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:24e... 2600:1f18:24e6:b901:db60:f606:db80:b17	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	104.16.114.53 104.16.114.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
2	2600:9000:215... 2600:9000:2156:1200:6:8b80:1140:93a1	16509 (AMAZON-02) (AMAZON-02)
4	35.169.238.157 35.169.238.157	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	35.168.183.19 35.168.183.19	14618 (AMAZON-AES) (AMAZON-AES)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	54.69.55.17 54.69.55.17	16509 (AMAZON-02) (AMAZON-02)
1	52.27.128.188 52.27.128.188	16509 (AMAZON-02) (AMAZON-02)
2	104.16.113.53 104.16.113.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.118 143.204.98.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b901:2220:8eb4:de68:db12	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:215... 2600:9000:2156:3400:b:d158:c180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.231.48.201 3.231.48.201	14618 (AMAZON-AES) (AMAZON-AES)
272	63

3 23.20.47.40 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-47-40.compute-1.amazonaws.com

fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2156:c00:1a:c126:2b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

scontent01.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.227.212.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-212-212.compute-1.amazonaws.com

universal-navigation-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.103.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-41.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-66.fra50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.93.244 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-244.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.101.166 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8168391.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:e000:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.219.18.11 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-18-11.us-east-2.compute.amazonaws.com

collector-5366.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net

js.crrnt.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 23.36.163.232 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-232.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.40.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-40-31.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:a800:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

lantern.roeyecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.253.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-253-227.eu-west-1.compute.amazonaws.com

lantern.roeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1746 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 66.155.71.150 (Portsmouth, United Kingdom) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.216.196.145 (Dublin, Ireland) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-196-145.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.194.240.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-240-189.compute-1.amazonaws.com

homepage-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
invitation-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
localization-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.234.23.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-23-220.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-34.fra50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:24e6:b901:db60:f606:db80:b17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.114.53 (None, )

ASN13335 (CLOUDFLARENET, US)

js.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1200:6:8b80:1140:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.exitintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.exitintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.169.238.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-238-157.compute-1.amazonaws.com

customize-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.183.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-183-19.compute-1.amazonaws.com

abtesting.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.69.55.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-55-17.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.128.188 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-128-188.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.113.53 (None, )

ASN13335 (CLOUDFLARENET, US)

api.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-118.fra50.r.cloudfront.net

j576j5dsib.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:2220:8eb4:de68:db12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:3400:b:d158:c180:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.48.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-48-201.compute-1.amazonaws.com

betastats.exitintel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	fabfitfun.com 1 redirects fabfitfun.com — Cisco Umbrella Rank: 120762 scontent01.fabfitfun.com — Cisco Umbrella Rank: 232105 universal-navigation-api.fabfitfun.com — Cisco Umbrella Rank: 255167 homepage-api.fabfitfun.com — Cisco Umbrella Rank: 285772 invitation-api.fabfitfun.com — Cisco Umbrella Rank: 474377 login-api.fabfitfun.com — Cisco Umbrella Rank: 414421 localization-api.fabfitfun.com — Cisco Umbrella Rank: 311917 customize-api.fabfitfun.com — Cisco Umbrella Rank: 604530 content.fabfitfun.com — Cisco Umbrella Rank: 245487 abtesting.fabfitfun.com — Cisco Umbrella Rank: 369100 static.fabfitfun.com — Cisco Umbrella Rank: 244482	1 MB
30	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1030	167 KB
18	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1909 events.launchdarkly.com — Cisco Umbrella Rank: 1477 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1624 Failed	3 KB
11	recurly.com js.recurly.com — Cisco Umbrella Rank: 13390 api.recurly.com — Cisco Umbrella Rank: 36097	736 KB
11	doubleclick.net 4 redirects 8168391.fls.doubleclick.net — Cisco Umbrella Rank: 290421 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	7 KB
10	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 534 d.clarity.ms — Cisco Umbrella Rank: 2336 c.clarity.ms — Cisco Umbrella Rank: 1052	50 KB
9	gstatic.com fonts.gstatic.com	188 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 ajax.googleapis.com — Cisco Umbrella Rank: 277	100 KB
8	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2080	143 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 459	120 KB
7	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 6117 adservice.google.de — Cisco Umbrella Rank: 8526	2 KB
7	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 324 c.bing.com — Cisco Umbrella Rank: 210	24 KB
6	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3109	751 B
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	851 B
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	256 KB
5	avct.cloud 5 redirects ads.avct.cloud — Cisco Umbrella Rank: 2606	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
4	avocet.io 4 redirects ads.avocet.io — Cisco Umbrella Rank: 4046	2 KB
4	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3134	382 B
4	basis.net 4 redirects pixel-a.basis.net — Cisco Umbrella Rank: 16352	264 B
4	w55c.net 1 redirects tags.w55c.net — Cisco Umbrella Rank: 3685	2 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1342 insight.adsrvr.org — Cisco Umbrella Rank: 559	5 KB
4	tvsquared.com collector-5366.tvsquared.com — Cisco Umbrella Rank: 279940	18 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 114	32 KB
4	amazonaws.com s3.amazonaws.com j576j5dsib.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 173229	13 KB
4	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2592 api.amplitude.com — Cisco Umbrella Rank: 1305 Failed	36 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	285 KB
3	exitintel.com get.exitintel.com — Cisco Umbrella Rank: 64477 cdn2.exitintel.com — Cisco Umbrella Rank: 68119 betastats.exitintel.com — Cisco Umbrella Rank: 75756	143 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832	67 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 555	107 B
2	roeyecdn.com lantern.roeyecdn.com — Cisco Umbrella Rank: 19489	5 KB
2	crrnt.app js.crrnt.app — Cisco Umbrella Rank: 87023	2 KB
2	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4150	22 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1086	15 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1444	136 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 419	4 KB
1	browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 11029	182 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 739	457 B
1	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7420	77 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 661	14 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2705	39 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1006 Failed	171 B
1	roeye.com lantern.roeye.com — Cisco Umbrella Rank: 37410	299 B
272	44

	Domain	Requested by
30	analytics.tiktok.com	fabfitfun.com analytics.tiktok.com
17	scontent01.fabfitfun.com	fabfitfun.com
16	universal-navigation-api.fabfitfun.com	scontent01.fabfitfun.com www.datadoghq-browser-agent.com
10	app.launchdarkly.com	scontent01.fabfitfun.com www.datadoghq-browser-agent.com
9	fonts.gstatic.com	fonts.googleapis.com
8	res.cloudinary.com
8	homepage-api.fabfitfun.com	scontent01.fabfitfun.com
8	fonts.googleapis.com	fabfitfun.com client scontent01.fabfitfun.com js.recurly.com
7	cdn.cookielaw.org	scontent01.fabfitfun.com www.datadoghq-browser-agent.com cdn.cookielaw.org
6	api.recurly.com	js.recurly.com www.datadoghq-browser-agent.com
6	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
6	events.launchdarkly.com	scontent01.fabfitfun.com www.datadoghq-browser-agent.com
6	d.clarity.ms	www.clarity.ms d.clarity.ms www.datadoghq-browser-agent.com
6	www.facebook.com	fabfitfun.com
6	www.google.de	fabfitfun.com
6	www.google.com	2 redirects fabfitfun.com
6	bat.bing.com	fabfitfun.com bat.bing.com
6	connect.facebook.net	cdn.segment.com connect.facebook.net fabfitfun.com
5	js.recurly.com	scontent01.fabfitfun.com api.recurly.com
5	ads.avct.cloud	5 redirects
5	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
5	8168391.fls.doubleclick.net	2 redirects www.googletagmanager.com adservice.google.com
5	www.google-analytics.com	www.googletagmanager.com fabfitfun.com
4	customize-api.fabfitfun.com	www.datadoghq-browser-agent.com
4	ads.avocet.io	4 redirects
4	pixel.sitescout.com	8168391.fls.doubleclick.net
4	pixel-a.basis.net	4 redirects
4	tags.w55c.net	1 redirects fabfitfun.com
4	collector-5366.tvsquared.com	fabfitfun.com
4	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
4	www.googletagmanager.com	fabfitfun.com cdn.segment.com
3	static.fabfitfun.com
3	s3.amazonaws.com	www.googletagmanager.com
3	fabfitfun.com	1 redirects scontent01.fabfitfun.com
2	content.fabfitfun.com	www.datadoghq-browser-agent.com
2	localization-api.fabfitfun.com	www.datadoghq-browser-agent.com
2	api.amplitude.com	cdn.amplitude.com www.datadoghq-browser-agent.com
2	clientstream.launchdarkly.com
2	insight.adsrvr.org	js.adsrvr.org
2	c.clarity.ms	1 redirects
2	id.rlcdn.com	s3.amazonaws.com
2	www.clarity.ms	bat.bing.com
2	adservice.google.com	8168391.fls.doubleclick.net
2	lantern.roeyecdn.com	www.dwin1.com
2	js.adsrvr.org	www.googletagmanager.com
2	js.crrnt.app	www.googletagmanager.com
2	www.dwin1.com	www.googletagmanager.com
2	sc-static.net	fabfitfun.com
2	cdn.amplitude.com	cdn.segment.com
2	cdn.segment.com	scontent01.fabfitfun.com
1	betastats.exitintel.com
1	cdn.jsdelivr.net	fabfitfun.com
1	session-replay.browser-intake-datadoghq.com	www.datadoghq-browser-agent.com
1	j576j5dsib.execute-api.us-east-1.amazonaws.com	ajax.googleapis.com
1	cdn2.exitintel.com	ajax.googleapis.com
1	geolocation.onetrust.com	www.datadoghq-browser-agent.com
1	ajax.googleapis.com	get.exitintel.com
1	abtesting.fabfitfun.com	scontent01.fabfitfun.com
1	get.exitintel.com	fabfitfun.com
1	hcaptcha.com	scontent01.fabfitfun.com
1	cdn.optimizely.com	www.datadoghq-browser-agent.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	fabfitfun.com
1	www.datadoghq-browser-agent.com	fabfitfun.com
1	api.segment.io	cdn.segment.com www.datadoghq-browser-agent.com
1	login-api.fabfitfun.com	scontent01.fabfitfun.com
1	invitation-api.fabfitfun.com	scontent01.fabfitfun.com
1	c.bing.com	1 redirects
1	adservice.google.de	1 redirects
1	lantern.roeye.com	fabfitfun.com
1	stats.g.doubleclick.net	www.google-analytics.com
272	72

This site contains links to these domains. Also see Links.

Domain
login.fabfitfun.com
support.fabfitfun.com
legal.fabfitfun.com
www.instagram.com
www.twitter.com
www.facebook.com
www.youtube.com
www.pinterest.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
fabfitfun.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-11-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.fabfitfun.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-07` - `2022-11-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-09` - `2022-06-07`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
*.tvsquared.com Amazon	`2021-09-16` - `2022-10-14`	a year	crt.sh
*.crrnt.app Amazon	`2022-01-08` - `2023-02-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.roeyecdn.com Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.roeye.com Amazon	`2021-11-08` - `2022-12-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
events.launchdarkly.com Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
clientstream.launchdarkly.com Amazon	`2021-09-21` - `2022-10-19`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.w55c.net Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.recurly.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-02` - `2023-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
exitintel.com Amazon	`2022-04-18` - `2023-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-09-22` - `2022-10-21`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-25` - `2022-08-25`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://fabfitfun.com/get-the-box
Frame ID: 22B533F57E87C65241170FBA8A2FEB15
Requests: 234 HTTP requests in this frame

Frame: https://8168391.fls.doubleclick.net/activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
Frame ID: 86C67D6C660E6565B204B5A113475C82
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
Frame ID: 7FAA8C816710A09FBA3BC0142DDC0713
Requests: 1 HTTP requests in this frame

Frame: https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
Frame ID: 6188BE486D1C22CB6D1D205FBA89A1D8
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 55D7CA4E18A78DDAC126C217556C28F5
Requests: 1 HTTP requests in this frame

Frame: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527
Frame ID: 6622BF31B01E181174B10528E0E04321
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=glnt0wu&ref=https%3A%2F%2Ffabfitfun.com%2F&upid=l2gottf&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&v=undefined
Frame ID: 6CA6417EC4A0B1EBA8F5D1276D138170
Requests: 1 HTTP requests in this frame

Frame: https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box
Frame ID: A6BE17F883CE04B582F6D68A4ACEA719
Requests: 3 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 207667503C3A45C77906BD25E1C655BD
Requests: 1 HTTP requests in this frame

Frame: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527
Frame ID: 113DBA5D8D25CEF4B88BE2ABB8174614
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: E0288B363AF7E497D8BF002088CC30ED
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=glnt0wu&ref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&upid=l2gottf&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&v=undefined
Frame ID: 94634C46CC8B8350A3B7A67A092D6578
Requests: 1 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: 23E3BE731029A0AD1D301E9020F13154
Requests: 4 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: 18E5B5604B1867863C926C2E3E0E474A
Requests: 4 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: 722CE3F29985A1193E91E23E4BC2796D
Requests: 4 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: F00936370812C088664AC28D77E45215
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FabFitFun - Beauty, Fitness, LifestyleBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://fabfitfun.com/ HTTP 301
https://fabfitfun.com/ Page URL
https://fabfitfun.com/get-the-box Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Recurly (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.recurly\.com

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

272
Requests

94 %
HTTPS

42 %
IPv6

44
Domains

72
Subdomains

63
IPs

6
Countries

4112 kB
Transfer

13380 kB
Size

53
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://login.fabfitfun.com/
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/hc/en-us/articles/201250797-How-does-the-subscription-work-
Title: Summer Box

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/hc/en-us/articles/360035970211-How-do-I-cancel-my-membership-
Title: click here

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#terms-of-use
Title: Terms of Use and Sale

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#box-membership-terms
Title: FabFitFun Membership Terms

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#terms-of-use/
Title: Terms of Use and Sale

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/hc/en-us/articles/360034415552#billing-shipping-schedule-0-0
Title: Billing / Shipping Schedule

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fabfitfun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fabfitfun/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fabfitfun

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fabfitfun

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/fabfitfun/

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#california-supply-chains-act
Title: California Supply Chains Act

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Click here to learn more about Cookies.

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#cookie-policy-uk
Title: View our Cookie Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fabfitfun.com/ HTTP 301
https://fabfitfun.com/ Page URL
https://fabfitfun.com/get-the-box Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://fabfitfun.com/ HTTP 301
https://fabfitfun.com/

Request Chain 20

https://8168391.fls.doubleclick.net/activityi;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F HTTP 302
https://8168391.fls.doubleclick.net/activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F

Request Chain 28

https://tags.w55c.net/rs?id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url= HTTP 302
https://tags.w55c.net/rs?sccid=17166c7a-f205-f872-1383-aa5281c6237d&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=

Request Chain 55

https://adservice.google.de/ddm/fls/i/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F HTTP 302
https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F

Request Chain 58

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 59

https://pixel-a.basis.net/iap/b73ff82f193a33c8 HTTP 301
https://pixel.sitescout.com/iap/b73ff82f193a33c8

Request Chain 60

https://ads.avocet.io/getuid?url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3Atest%2Cv_pixels%3Asnapchat%25252Cfacebook%25252Coath%2Ccohort%3AallVendors%2Cga_uid%3AGA1.2.755578010.1654006286%2Ccust_id%3A%2Crmc_event_category%3APageView%2Cevent_name%3Aget-the-box%2Csemantic_seg%3A%2F%2Corder_id%3A1654006285639%2Chashed_id%3A%2Chash_algo%3A%2Crevenue%3A%2Cdoe_id%3Assq3gki%26redirect_url%3Dhttps%3A%2F%2Fid.rlcdn.com%2F710764.gif%3Fcparams%3Duuid%3D{{UUID}} HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3Atest%2Cv_pixels%3Asnapchat%25252Cfacebook%25252Coath%2Ccohort%3AallVendors%2Cga_uid%3AGA1.2.755578010.1654006286%2Ccust_id%3A%2Crmc_event_category%3APageView%2Cevent_name%3Aget-the-box%2Csemantic_seg%3A%2F%2Corder_id%3A1654006285639%2Chashed_id%3A%2Chash_algo%3A%2Crevenue%3A%2Cdoe_id%3Assq3gki%26redirect_url%3Dhttps%3A%2F%2Fid.rlcdn.com%2F710764.gif%3Fcparams%3Duuid%3D{{UUID}} HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3Atest%2Cv_pixels%3Asnapchat%25252Cfacebook%25252Coath%2Ccohort%3AallVendors%2Cga_uid%3AGA1.2.755578010.1654006286%2Ccust_id%3A%2Crmc_event_category%3APageView%2Cevent_name%3Aget-the-box%2Csemantic_seg%3A%2F%2Corder_id%3A1654006285639%2Chashed_id%3A%2Chash_algo%3A%2Crevenue%3A%2Cdoe_id%3Assq3gki%26redirect_url%3Dhttps%3A%2F%2Fid.rlcdn.com%2F710764.gif%3Fcparams%3Duuid%3D{{UUID}} HTTP 302
https://ads.avocet.io/s?add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga_uid:GA1.2.755578010.1654006286,cust_id:,rmc_event_category:PageView,event_name:get-the-box,semantic_seg:/,order_id:1654006285639,hashed_id:,hash_algo:,revenue:,doe_id:ssq3gki&redirect_url=https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527 HTTP 307
https://ads.avct.cloud/s?r=1&add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga_uid:GA1.2.755578010.1654006286,cust_id:,rmc_event_category:PageView,event_name:get-the-box,semantic_seg:/,order_id:1654006285639,hashed_id:,hash_algo:,revenue:,doe_id:ssq3gki&redirect_url=https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527 HTTP 302
https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527

Request Chain 81

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&RedC=c.clarity.ms&MXFR=0D22FA0A1A406B4A163CEBBF1E406519 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&MUID=23A3452093CA68290EEE549592186904

Request Chain 120

https://8168391.fls.doubleclick.net/activityi;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box HTTP 302
https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box

Request Chain 135

https://pixel-a.basis.net/dmp/asyncPixelSync HTTP 301
https://pixel.sitescout.com/dmp/asyncPixelSync

Request Chain 136

https://pixel-a.basis.net/iap/b73ff82f193a33c8 HTTP 301
https://pixel.sitescout.com/iap/b73ff82f193a33c8

Request Chain 145

https://ads.avocet.io/getuid?url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3Atest%2Cv_pixels%3Asnapchat%25252Cfacebook%25252Coath%2Ccohort%3AallVendors%2Cga_uid%3AGA1.2.755578010.1654006286%2Ccust_id%3A%2Crmc_event_category%3APageView%2Cevent_name%3Aget-the-box%2Csemantic_seg%3A%2Fget-the-box%2Corder_id%3A1654006287455%2Chashed_id%3A%2Chash_algo%3A%2Crevenue%3A%2Cdoe_id%3Assq3gki%26redirect_url%3Dhttps%3A%2F%2Fid.rlcdn.com%2F710764.gif%3Fcparams%3Duuid%3D{{UUID}} HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3Atest%2Cv_pixels%3Asnapchat%25252Cfacebook%25252Coath%2Ccohort%3AallVendors%2Cga_uid%3AGA1.2.755578010.1654006286%2Ccust_id%3A%2Crmc_event_category%3APageView%2Cevent_name%3Aget-the-box%2Csemantic_seg%3A%2Fget-the-box%2Corder_id%3A1654006287455%2Chashed_id%3A%2Chash_algo%3A%2Crevenue%3A%2Cdoe_id%3Assq3gki%26redirect_url%3Dhttps%3A%2F%2Fid.rlcdn.com%2F710764.gif%3Fcparams%3Duuid%3D{{UUID}} HTTP 302
https://ads.avocet.io/s?add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga_uid:GA1.2.755578010.1654006286,cust_id:,rmc_event_category:PageView,event_name:get-the-box,semantic_seg:/get-the-box,order_id:1654006287455,hashed_id:,hash_algo:,revenue:,doe_id:ssq3gki&redirect_url=https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527 HTTP 307
https://ads.avct.cloud/s?r=1&add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga_uid:GA1.2.755578010.1654006286,cust_id:,rmc_event_category:PageView,event_name:get-the-box,semantic_seg:/get-the-box,order_id:1654006287455,hashed_id:,hash_algo:,revenue:,doe_id:ssq3gki&redirect_url=https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527 HTTP 302
https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527

Request Chain 148

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=DyKWYv7OI4mJlgSPjLvYBw&sscte=1&crd=&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WLHB_RBcl5_zEDPqk86MS1LRtYOIgA7Fyg HTTP 302
https://www.google.com/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYv7OI4mJlgSPjLvYBw&cid=CAQSKQCNIrLMsp8RGUjExDGKnVuEGR9T0HrFmtEGYsOkydrbmQvLbO1JnP-8&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WEuE2u_KXnwMBwQRiN5T3UmrRKOGvVfysw&random=665776620&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYv7OI4mJlgSPjLvYBw&cid=CAQSKQCNIrLMsp8RGUjExDGKnVuEGR9T0HrFmtEGYsOkydrbmQvLbO1JnP-8&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WEuE2u_KXnwMBwQRiN5T3UmrRKOGvVfysw&random=665776620&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 149

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=DyKWYuX8I9allgTp-YyoDQ&sscte=1&crd=&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WKuw1mKJpHQ3rxR_v1Z3MAw0d3W0h1LjEA HTTP 302
https://www.google.com/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYuX8I9allgTp-YyoDQ&cid=CAQSKQCNIrLM9eIXFnAnD98lKXnnar3fEHP_9IuKSZpqlTIWhAkWANIp1Zp_&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WLNc9qXhs3FTqXeEHV59alBI2ay4PqZDZw&random=2151093921&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYuX8I9allgTp-YyoDQ&cid=CAQSKQCNIrLM9eIXFnAnD98lKXnnar3fEHP_9IuKSZpqlTIWhAkWANIp1Zp_&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WLNc9qXhs3FTqXeEHV59alBI2ay4PqZDZw&random=2151093921&resp=GooglemKTybQhCsO&ipr=y&prhg=0

272 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
fabfitfun.com/
Redirect Chain

http://fabfitfun.com/
https://fabfitfun.com/

4 KB
3 KB

490ms
101ms

Document
text/html

23.20.47.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fabfitfun.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.47.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-47-40.compute-1.amazonaws.com

Software

Nginx /

Resource Hash

d3ad3699821e985aad5a7655041382d273a846816af393e9e9c5d7a87d2c78c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300,public,must-revalidate
content-encoding: gzip
content-security-policy-report-only: default-src 'self' *.fabfitfun.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fabfitfun.com *.recurly.com *.amazonaws.com *.ada.support www.dwin1.com *.google-analytics.com *.doubleclick.net www.googleadservices.com www.googletagmanager.com *.hcaptcha.com hcaptcha.com *.exitintel.com *.facebook.net *.facebook.com *.tiktok.com *.cookielaw.org *.segment.com *.tvsquared.com *.onetrust.com *.adsrvr.org sc-static.net *.zdassets.com *.crrnt.app *.pixlee.com *.roeyecdn.com *.amplitude.com *.bing.com *.googleapis.com *.exitintel.com *.jsdelivr.net *.datadoghq-browser-agent.com *.gladly.com *.braintreegateway.com *.paypal.com *.cloudflare.com *.hotjar.com blob:; style-src 'self' 'unsafe-inline' *.fabfitfun.com *.googleapis.com; connect-src 'self' *.fabfitfun.com *.browser-intake-datadoghq.com api.recurly.com *.segment.io *.launchdarkly.com *.logs.datadoghq.com *.cookielaw.org *.optimizely.com *.launchdarkly.com *.ada.support *.doubleclick.net ekr.zdassets.com *.zendesk.com *.hcaptcha.com wss://*.zopim.com *.pixlee.com *.tiktok.com *.amplitude.com *.paypal.com *.braintree-api.com *.onetrust.com www.google-analytics.com pactsafe.io *.gladly.com *.hotjar.com; frame-src 'self' *.doubleclick.net *.avct.cloud *.avocet.io *.ada.support id.rlcdn.com *.hcaptcha.com *.recurly.com *.bidswitch.net *.sharethrough.com *.bfmio.com *.pubmine.com *.teads.tv *.gumgum.com *.paypal.com *.braintree-api.com *.adsrvr.org *.hotjar.com; img-src 'self' *.fabfitfun.com *.google-analytics.com *.discourse.org *.cloudinary.com *.w55c.net *.adxcel-ec2.com *.facebook.com *.hcaptcha.com *.amazonaws.com *.doubleclick.net *.roeye.com *.bing.com *.google.com *.scorecardresearch.com *.tvsquared.com *.twitter.com *.exitintel.com *.googleadservices.com *.media.net *.smartclip.net data:; font-src 'self' *.fabfitfun.com fonts.gstatic.com data:; media-src 'self' *.zdassets.com; object-src 'none';
content-type: text/html
date: Tue, 31 May 2022 14:11:25 GMT
etag: W/"7e756f11b05e7393ebc349ae0ec1059b"
last-modified: Thu, 26 May 2022 20:02:18 GMT
server: Nginx
x-cache-status: HIT
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 31 May 2022 14:11:24 GMT
Location: https://fabfitfun.com:443/
Server: awselb/2.0

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800|Playfair+Display:400,700|Roboto:300,400,500,70&display=swap

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabe1f9891280893a219ddd7b66da18328804228aadec53b7faddc388f4c52ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 14:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 2.1df3ecaa.chunk.css
scontent01.fabfitfun.com/homepage/cdn/static/css/ 73 KB
15 KB 58ms
12ms Stylesheet
text/css 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/homepage/cdn/static/css/2.1df3ecaa.chunk.css
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edea1b53d919de072c2f593498bde093df2af8b4e952e7e7b5758f2a85bb5b10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 03:55:22 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 20:53:38 GMT
server: AmazonS3
age: 728164
etag: W/"47a51e610f6c27512fd50867abe27029"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 89ASyTTrbC1tfGRfvS6fFpMMVnPEac4O_1NxKlvrhILmVlk2Z9HE-A==

GET
H2 200 main.aef2cc2d.chunk.css
scontent01.fabfitfun.com/homepage/cdn/static/css/ 25 KB
5 KB 57ms
11ms Stylesheet
text/css 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/homepage/cdn/static/css/main.aef2cc2d.chunk.css
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea5975a4255dbd492afe449ae6964dda4331f2850170909f5ae911b7b75197cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 02:28:33 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 19:50:45 GMT
server: AmazonS3
age: 4275773
etag: W/"995206ef29958bd17dc7751809ffd2f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: i6yxnN6qFfHe_Tkx9eK2ll9nbdeGyN7RK_w14tRz6vD7vpuHWPX_PA==

GET
H2 200 2.964e00d6.chunk.js Show response
scontent01.fabfitfun.com/homepage/cdn/static/js/ 2 MB
692 KB 59ms
13ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc54fb76d49326f8b101f7ecffb3f0e4dd31ca9e277457582ad5529ce27d04b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 21:15:58 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 20:53:38 GMT
server: AmazonS3
age: 1616128
etag: W/"f1904bf6473608e7ebe14722c74af5eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: O-PUKjBVKjC5Cai1JOBylO9Hv79ha3wFmi3TuARRdR-C5OP2vkUpIw==

GET
H2 200 main.e5be21d3.chunk.js Show response
scontent01.fabfitfun.com/homepage/cdn/static/js/ 38 KB
16 KB 70ms
24ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/main.e5be21d3.chunk.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d74e26d9c3f3c998f8549e6b1e5a64f72c95b1548edba1f06436bd7fcafcaaab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 20:10:44 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 20:02:21 GMT
server: AmazonS3
age: 410442
etag: W/"152cb3a1cd8c5cad5d6ecb866a48a374"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DaTVZ8ZyP1v5EU7xfwsNAiNhl5SptSG7_cBb9zcy8UcgFynzcZA88A==

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 421ms
100ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
661 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f641c11dcdac2ee6259a226f5feb5d5106a17ba83e52453d18d8e8e937633c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 13:22:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
746 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,700|Playfair+Display:700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

106b0f97ef6a536202abd6f328d1fdbdc7bad4cadefb5dfd2a104420470a5e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 14:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 312 KB
86 KB 63ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e26e02a5dfc53ea2bfa7cdd893a500f4f0d540e18dee5e0a251a2c3e488b6469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87488
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/7kbHDCgVdd/ 406 KB
68 KB 45ms
10ms Script
text/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f95c07fa81f07fcd7f713beb0d169251d6e5623da52c05485bc4beff5fcfa42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 4xDgyEDJoZf9zu8O35IoQBTJLACWPj20
content-encoding: br
etag: W/"65e86580082f59f8fcc0492bd4e602a9"
age: 113
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 10 May 2022 22:59:59 GMT
server: AmazonS3
date: Tue, 31 May 2022 14:09:33 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LJIBhp5sZtJuq5z2AU20f57LoTB_HUx05_DRv2IGqmzchCAntcaY_g==

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 393ms
100ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 393ms
99ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 411ms
100ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: xf45okIUUuW42L5lx6Vr1r6BMlFh68SLHl41d1jBeW5OScCvSYHO/k9BKjKStlUSTsVzunaq6ge9VaV5z/twCQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 31 May 2022 14:11:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 36ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-805503010

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

926194ab1e7c020c3cd5bb578f78a59926d1060dd6600ef4591c2ac629fbe284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57951
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 32ms
9ms Script
application/javascript 143.204.101.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-66.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:13:13 GMT
content-encoding: gzip
age: 1249093
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: tv8eJLM-IUskK-MMnyZKXVher4hAh18AEsgFGXv_w4T82eYRTxXiTg==

GET
H2 200 scevent.min.js Show response
sc-static.net/ 20 KB
7 KB 53ms
25ms Script
application/javascript 143.204.93.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-244.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7166
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-id: kQvJWnehAKNpY-iGdIprKgbJelrkqHT9ICy4vREroO0REJU9MhrpYw==

GET
H/1.1 200
OK rmc-inc-rt.js Show response
s3.amazonaws.com/fff-home/wp-content/themes/fabfitfun/assets/js/services/ 5 KB
5 KB 424ms
125ms Script
application/javascript 52.217.101.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/fff-home/wp-content/themes/fabfitfun/assets/js/services/rmc-inc-rt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.101.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7291b9cd60a48e11ae39d26b51b97c0c4926cc881191147ae2d17ebeb2b3e201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
Last-Modified: Mon, 30 Nov 2020 20:02:25 GMT
Server: AmazonS3
x-amz-request-id: AVQ0VTTPY6MNMAX4
ETag: "405a04e91d3db2d66e679942c0647b5b"
Content-Type: application/javascript
Cache-Control: max-age=7200
Accept-Ranges: bytes
Content-Length: 5132
x-amz-id-2: ogRF8xGgxHKxTBXgJ67H7ezU5Krq4jS396es+Xi7ZUbkWdLQfVJxFXdDPlZo7oGi5oCOImSpI04=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2199
date: Tue, 31 May 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 31 May 2022 15:34:46 GMT

GET
H3

200

activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F Show response
8168391.fls.doubleclick.net/ Frame 86C6
Redirect Chain

https://8168391.fls.doubleclick.net/activityi;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F?
https://8168391.fls.doubleclick.net/activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffab...

479 B
403 B

35ms
20ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8168391.fls.doubleclick.net/activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

dd3e581ba85205add4d89a5a9006bf7bbded298c998325aa6afe90c117ab53f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 378
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8168391.fls.doubleclick.net/activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 45ms
22ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

439bb68e4b99a7037363e3c9671380459a2e0aa1c8276fb1c68823da04608a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14847
x-xss-protection: 0
server: cafe
etag: 14193202862953550909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 6854.js Show response
www.dwin1.com/ 37 KB
11 KB 81ms
8ms Script
application/javascript 2600:9000:2156:e000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/6854.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2eb9b03e945ce0c2872600080523bd1a6fd20bda0194cd500187064b07c4f79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: rN7McXQPafQA_39EVDOsLbdqxeAOG94a
content-encoding: gzip
etag: W/"10700f64e38cfaf8673183c3be26f649"
age: 35
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 13:03:51 GMT
server: AmazonS3
date: Tue, 31 May 2022 14:10:51 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CuYAlT2Ms7x1UuNsVKJ1YWUj9Rps7QZwQ641pOXL1kASpJpt7hbA8w==

GET
H/1.1 200
OK tv2track.js Show response
collector-5366.tvsquared.com/ 20 KB
9 KB 449ms
108ms Script
application/javascript 18.219.18.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-5366.tvsquared.com/tv2track.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.18.11 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-18-11.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 14:24:13 GMT
Server: nginx
ETag: "6222210d-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 31 May 2022 14:21:26 GMT

GET
H2 200 CA_Y2xpZW50SWQ9NDE Show response
js.crrnt.app/ls/cookie/ 982 B
1 KB 45ms
9ms Script
text/javascript 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.crrnt.app/ls/cookie/CA_Y2xpZW50SWQ9NDE
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 70317206c4eb3cbaa0ed2df4c6d540e9b152a12b365bac22034803a0e1f4f79c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:55:58 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.20.0
age: 80127
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IVIkJpAIRH5Mk0vFW29ptJGwGKXlAOuLEjEucPVksV8548ML_lMOIQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 36ms
8ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 03:47:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 37454
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: uesTyspXcRGBIUc1ah6gjsidG60GAqm9RWDHUentsDbQPQsJLxa3ow==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 159 KB
44 KB 174ms
114ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2f8e1fbc92d43f059d4c082c53de84ec5410d932ef829c0c1a8c33a104e12cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 1bf00fd8.8ee9d9bb
date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-141.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 99,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=6, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 202205311411250100040050060030510B8F9BD7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.141
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7f83c1ca0da38983a2694c402c6bedaf0a9d0a7ae8fbbc2c2178fed81fb319de755d5b791774e02eed1d018d5f62b84f4d6edc16c9f4e4d982d75f4b891372b4e31cd3f1ca3b94916d0bd55caa4ab7c5f9
expires: Tue, 31 May 2022 14:11:25 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 58ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC82F5A889924F778056949615829F60 Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:25Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 31 May 2022 14:11:25 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=
https://tags.w55c.net/rs?sccid=17166c7a-f205-f872-1383-aa5281c6237d&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=

42 B
593 B

8ms
7ms

Image
image/gif

52.59.40.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=17166c7a-f205-f872-1383-aa5281c6237d&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

HTTP/1.1

Server

52.59.40.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-40-31.eu-central-1.compute.amazonaws.com

Software

Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0bda8cfa256b80e63@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 14:11:24 GMT
Server: Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0bda8cfa256b80e63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 31 May 2022 14:11:24 GMT
Server: Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-0e7593d38a0fef5c3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://tags.w55c.net/rs?sccid=17166c7a-f205-f872-1383-aa5281c6237d&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 409241942540187 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 350ms
341ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/409241942540187?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

182838b91e7ff23aeadea5b8d66f7eacdb7b38aa480a3454cf387bc93ff3072c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: hpD/+h/FAYpJIvhYYwhSAhnViVKFzLZgSj90+rUZ18Gwc5hgleI2KNPJEEw8GnXhcTLC/qoJtLT61cUV37V6nQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 May 2022 14:11:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654006286040
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15829841-1&cid=755578010.1654006286&jid=2026594026&gjid=887189842&_gid=1712319525.1654006286&_u=YGBAgEABAAAAAE~&z=1637419867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 31 May 2022 14:11:25 GMT
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1701859164&t=pageview&_s=1&dl=https%3A%2F%2Ffabfitfun.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=FabFitFun&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=2026594026&gjid=887189842&cid=755578010.1654006286&tid=UA-15829841-1&_gid=1712319525.1654006286&gtm=2wg5p16N92&z=1723192937

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 14:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84599
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4031595.js Show response
bat.bing.com/p/action/ 218 B
474 B 150ms
150ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4031595.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6804f44394afc98f452e6c5be9a220a935a19c14c40a42a09d9909f9d62e5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CA3904B71324F1A925196E5FB08419B Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:25Z
date: Tue, 31 May 2022 14:11:25 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 299

GET
H2 204 0
bat.bing.com/action/ 0
176 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4031595&Ver=2&mid=62b7f57b-d5e7-4f85-8fa3-9c2b662b9d1a&sid=8eae35d0e0eb11ecab1f5784f8470cdc&vid=8eae3570e0eb11ecb2b63375caea80b8&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FabFitFun&p=https%3A%2F%2Ffabfitfun.com%2F&r=&lt=948&evt=pageLoad&msclkid=N&sv=1&rn=452773

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDF73CC0F11345ED92CD9FFD3944B1E4 Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:25Z
date: Tue, 31 May 2022 14:11:25 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/ 2 KB
2 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/?random=1654006285738&cv=9&fst=1654006285738&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

067af1b34d61cee078a2519f0e3fca89839e804cb27167d83b586c5a9d735644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/805470366/ 2 KB
1 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805470366/?random=1654006285741&cv=9&fst=1654006285741&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba15dd872587c79b3ed4caf4fc9e72a494eb452ade103c920f5291ae71cd6b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lantern_global_6854.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 45ms
13ms Script
application/javascript 2600:9000:2156:a800:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_6854.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/6854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de40eb341c46aaec05179c927639cb96f3872cac432ef3c8c6216c57026245ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 1dUbcS7GEWVksCu7wQROSqV4tHsFgZ4f
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 16:47:39 GMT
server: AmazonS3
age: 23435
etag: "138f89469fe5e4ace1421f82484255dd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 31 May 2022 07:40:51 GMT
x-amz-cf-pop: FRA50-C1
content-length: 1948
x-amz-cf-id: M5zwAe1FdGQsp6F21bfP7VWZCgXkBO-O0v7Qx_U_Icu9wXUOWU1Nhg==

GET
H2 200 dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 7FAA 478 B
847 B 68ms
42ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F

Requested by

Host: 8168391.fls.doubleclick.net
URL: https://8168391.fls.doubleclick.net/activityi;dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a15a8aa2ca8887762134e72a78441257a04897be1383f1f601c0234329910af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8168391.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 378
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 71ms
46ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15829841-1&cid=755578010.1654006286&jid=2026594026&_u=YGBAgEABAAAAAE~&z=1805432445

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 70ms
45ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15829841-1&cid=755578010.1654006286&jid=2026594026&_u=YGBAgEABAAAAAE~&z=1805432445

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/805503010/ 42 B
548 B 43ms
19ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/805503010/?random=1654006285738&cv=9&fst=1654005600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&async=1&fmt=3&is_vtc=1&random=3868943787&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/805503010/ 42 B
108 B 44ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/805503010/?random=1654006285738&cv=9&fst=1654005600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&async=1&fmt=3&is_vtc=1&random=3868943787&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/805470366/ 42 B
108 B 45ms
22ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/805470366/?random=1654006285741&cv=9&fst=1654005600000&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&async=1&fmt=3&is_vtc=1&random=1528183950&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/805470366/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/805470366/?random=1654006285741&cv=9&fst=1654005600000&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&async=1&fmt=3&is_vtc=1&random=1528183950&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track.php
lantern.roeye.com/ 0
299 B 129ms
31ms Image
image/gif 54.217.253.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lantern.roeye.com/track.php?fingerprint=91202879-c1fd-4a16-b78a-a6b81b9777d1&referrer=&landingpage=https%3A%2F%2Ffabfitfun.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&site=FabFitFunUS
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.253.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-253-227.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:25 GMT
Server: Apache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 106ms
106ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 5f1d6927.8ee9dd0b
date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-142.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 92,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202205311411250100040050060030230CC1DBB3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.104.142
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7f266941e53fdee23dfc45ef23ed4fdf2442e49717f0888dfe0bd2fd67356d150befb01a58d09e326af88c1242b7aa45771ab11dbffe7f3028ffd3e8361c735739221bfef94dfd61791fe812d142d02fa2
expires: Tue, 31 May 2022 14:11:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
713 B 170ms
169ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6502f5dc.8ee9ddee
date: Tue, 31 May 2022 14:11:26 GMT
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 138,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=51, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112501000400500600301401A786C4
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.220.104.155
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7fdd51456955f0802ca4f2614be6ce18da594f72aeb9a0190eece2ecfd5045e1737bf0134b8c86c38c27505762a8c6216e2dcb33e685c7fb2360470e1b03079bb5a2d0c178264dc94e71c70d7d03806c0b
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
580 B 159ms
158ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022053114112501000400402500400500600301402C954B4
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 124,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b63e5cac05419d3b32a5132b0e90e39cb3d171011fcb934ba9d9c936870d0ce5ba9324361e66bd97b151b70f6bd377f57dac25c5c8522af92edb6e2de1042c18d9
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=0, origin; dur=124
x-akamai-request-id: 8ee9de11
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
581 B 208ms
207ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411250100020076370040050060030130D8ADA92
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 162,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6b80c294eaf213d924fc10670074d4aba92ca9574b4e3456ea4dfd7d25267281e9c70c43b59c5bd3d7766538fa62c4b83b7165f1faac8b842695336f4f21b6043
server-timing: inner; dur=46, cdn-cache; desc=MISS, edge; dur=0, origin; dur=162
x-akamai-request-id: 8ee9de57
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
574 B 199ms
198ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411260100040050060030270DA667E6
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 137,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6dc47b408996345c8b2086f0123be2aa63252aadddc0a9d6e79d64eea499510a9f963c30110d1623d651ca1731b08dc5508178dd264cdcf47853d82b4c47f5732
server-timing: inner; dur=43, cdn-cache; desc=MISS, edge; dur=0, origin; dur=137
x-akamai-request-id: 8ee9de9c
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
724 B 621ms
620ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5f1d528f.8ee9dec2
date: Tue, 31 May 2022 14:11:26 GMT
x-cache-remote: TCP_MISS from a23-220-104-142.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 548,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=287, origin; dur=265, inner; dur=253
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112601000200763700400500600302200AAF531
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 265,23.220.104.142
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7f266941e53fdee23dfc45ef23ed4fdf2408d3bb24e870fc7acf4f7dd491753639d4ab14e4cbd01151c75a84f1d9c5b74b1da9de4cd9fed5990e48362dd38ea1d4589c52c3cd74a8e492b5b7d29d08b7d0
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
577 B 175ms
175ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022053114112601000200763700400500600302903A31C29
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b629007bf1f480ad01e690baa68700004ee7125cff7e52267dfe47bea985aa67152ff94edc0430d2f12ed0ae44eb4ca9719538ea34e23451905863f83f22699c60
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=107
x-akamai-request-id: 8ee9deca
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 869 B
1 KB 173ms
173ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C6AN2PPO8QD6LKH45200&hostname=fabfitfun.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d484788eaece8777578947085573b0a7f8cca5238db694ac1a5fcf8da595d63d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 65032fe4.8ee9ded8
date: Tue, 31 May 2022 14:11:26 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 104,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=12, inner; dur=3
content-length: 349
pragma: no-cache
server: nginx
x-tt-logid: 202205311411260100020060050050060030550E836A75
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.220.104.155
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7fdd51456955f0802ca4f2614be6ce18dae375f870e87e3a9932988e299827748b1e63a0ff4d3265a8cf23b7f36352f54461d6be3a0f502cb9c02e80d0c62b3c17d13865bb2c813d48199f4fe0faf70189
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
573 B 170ms
170ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220531141126010004005006003051127B2964
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b63786a4fb0265cc95aba253bb42cbb8ee1f4a1146a33d15fb75dac79166a4ecbc13da0d547384d01c01fa30c5fd7cf1993b3dd61d87d79965c32b36c67abe44c1
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
x-akamai-request-id: 8ee9dedf
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
580 B 207ms
207ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022053114112601000200763700400500600300804ADA3D9
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 138,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6004d2db9b5098f150e733d713245a41d1405df8fbb43aeb86c719eaf8cf38ee94c2ffa13b3a212faf8de496da30cabc358baed883405b29ccdeb09fe9d23a0b5
server-timing: inner; dur=44, cdn-cache; desc=MISS, edge; dur=1, origin; dur=137
x-akamai-request-id: 8ee9deec
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

GET
H3

200

dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F Show response
8168391.fls.doubleclick.net/ddm/fls/r/ Frame 6188
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.c...
https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffab...

845 B
531 B

19ms
19ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

51307b3c0f38d9808fdcfd286a8a37bfdb1f69498aa89bd88cd07413a10932f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 506
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:25 GMT
expires: Tue, 31 May 2022 14:11:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4031595 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 188ms
127ms Script
application/x-javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4031595
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4031595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 4e9486d6556613523d1fb8ae9cf4126f433f7190e20b8ce907cddf8b852f3b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:25 GMT
x-powered-by: ASP.NET
x-azure-ref: 0DSKWYgAAAABG5SgH4kaQSYPL9/FlHb4YQ1BIMzBFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length: 1540
expires: -1

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
577 B 145ms
145ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411260100020060050050060030400BBA60B3
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 130,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6f6581a7ecc3c0bfd0ad0bb7e7ca1159d54027189d7942c1d58dccce3420da812d0681074c1972d9c51b9106eafc1b742d44fc5fbc70af7576d2e1bcca0c854bb
server-timing: inner; dur=36, cdn-cache; desc=MISS, edge; dur=1, origin; dur=130
x-akamai-request-id: 8ee9dfdc
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 55D7
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

72ms
24ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8168391.fls.doubleclick.net
URL: https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 31 May 2022 14:11:26 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

b73ff82f193a33c8
pixel.sitescout.com/iap/ Frame 6188
Redirect Chain

https://pixel-a.basis.net/iap/b73ff82f193a33c8
https://pixel.sitescout.com/iap/b73ff82f193a33c8

0
191 B

73ms
25ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/b73ff82f193a33c8
Requested by: Host: 8168391.fls.doubleclick.net
URL: https://8168391.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyH-Mj1ifgCFc0bBgAdjmkBCA;src=8168391;type=retarget;cat=retar0;ord=6139418268543;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2F
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8168391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/b73ff82f193a33c8
content-length: 0

GET
H2

451

710764.gif Show response
id.rlcdn.com/ Frame 6622
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3...
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_t...
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A...
https://ads.avocet.io/s?add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga_uid:...
https://ads.avct.cloud/s?r=1&add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga...
https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527

0
98 B

39ms
15ms

Document
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/fff-home/wp-content/themes/fabfitfun/assets/js/services/rmc-inc-rt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 31 May 2022 14:11:26 GMT
via: 1.1 google

Redirect headers

content-length: 0
content-type: image/gif
date: Tue, 31 May 2022 14:11:26 GMT
location: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=PageView&dl=https%3A%2F%2Ffabfitfun.com%2F&rl=&if=false&ts=1654006286080&sw=1600&sh=1200&v=2.9.61&r=stable&a=seg&ec=0&o=62&fbp=fb.1.1654006286079.1177823156&it=1654006285693&coo=false&dpo=&rqm=GET

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
576 B 120ms
119ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220531141126010002003005006003011009EA86C
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6db7f4147065da92efbe9760164d96a5664b848bc315615701c56745d9634cdb7af027429380ebcc60389a0a7757bd195ce5047b2d6585f90e570401f21cdc74f
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=1, origin; dur=105
x-akamai-request-id: 8ee9e20d
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
575 B 120ms
119ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411260100040050060030050BD057FC
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 105,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6cdd9b4cb5cb3f69d7b2189a34259a1fbd49730fd2ab3a0967829e0b276d07e29b48ae284606feed5113703fda080f02c2a7323f1f69a840b7bf766f99147179c
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=0, origin; dur=105
x-akamai-request-id: 8ee9e214
content-length: 0
expires: Tue, 31 May 2022 14:11:26 GMT

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.34/ 53 KB
23 KB 290ms
95ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4031595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:25 GMT
content-encoding: br
etag: "1d87336c650fb54"
last-modified: Sun, 29 May 2022 08:33:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK tv2track.php
collector-5366.tvsquared.com/ 42 B
276 B 108ms
107ms Image
image/gif 18.219.18.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-5366.tvsquared.com/tv2track.php?action_name=FabFitFun&idsite=TV-45633636-1&rec=1&r=060629&h=14&m=11&s=26&url=https%3A%2F%2Ffabfitfun.com%2F&_id=c7115c97c8de2b36&_idts=1654006286&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=102
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.18.11 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-18-11.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
Server: nginx
Connection: keep-alive
Request-Id: 83b31c45-6401-460c-88cb-3f4451d78739
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 100ms
100ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

OPTIONS
H2 200 5fb6c61b31c9750997aef3f3
app.launchdarkly.com/sdk/goals/ Frame 0
0 403ms
346ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5fb6c61b31c9750997aef3f3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 31 May 2022 14:11:26 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20779-CDG
x-timer: S1654006286.417069,VS0,VE331

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 100ms
100ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

GET
H2 200 5fb6c61b31c9750997aef3f3
app.launchdarkly.com/sdk/goals/ 2 B
181 B 346ms
346ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5fb6c61b31c9750997aef3f3

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Tue, 31 May 2022 14:11:27 GMT
content-length: 26
x-served-by: cache-cdg20779-CDG
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1654006287.763927,VS0,VE330
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 1

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMifQ Show response
app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/ 713 B
606 B 19ms
19ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/eyJrZXkiOiJhbm9ueW1vdXMifQ
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed4e6f9a747ce33cd09b21d909e25d3fc7fca47679b3e24d0929e0b34eb400ca

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: HIT
content-length: 217
x-served-by: cache-cdg20737-CDG, cache-cdg20779-CDG
access-control-allow-origin: *
x-timer: S1654006287.675752,VS0,VE3
etag: "38dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMifQ
app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/ Frame 0
0 313ms
258ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/eyJrZXkiOiJhbm9ueW1vdXMifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 31 May 2022 14:11:26 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20779-CDG
x-timer: S1654006286.417184,VS0,VE242

OPTIONS
H/1.1 204
No Content current
homepage-api.fabfitfun.com/hero-banners/ Frame 0
0 405ms
99ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/hero-banners/current
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

OPTIONS
H/1.1 204
No Content web-cards
homepage-api.fabfitfun.com/ Frame 0
0 406ms
100ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/web-cards?limit=18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

OPTIONS
H/1.1 204
No Content seasonal-timelines
homepage-api.fabfitfun.com/ Frame 0
0 405ms
99ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/seasonal-timelines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

OPTIONS
H/1.1 204
No Content box-status
homepage-api.fabfitfun.com/ Frame 0
0 405ms
99ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/box-status
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

GET
H/1.1 200
OK current
homepage-api.fabfitfun.com/hero-banners/ 952 B
1 KB 395ms
101ms Fetch
application/vnd.fabfitfun.v1+json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/hero-banners/current
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/main.e5be21d3.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v1+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 451

GET
H/1.1 401
Unauthorized web-cards
homepage-api.fabfitfun.com/ 27 B
605 B 394ms
101ms Fetch
application/octet-stream 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/web-cards?limit=18
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/main.e5be21d3.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 27

GET
H/1.1 401
Unauthorized seasonal-timelines
homepage-api.fabfitfun.com/ 27 B
605 B 395ms
102ms Fetch
application/octet-stream 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/seasonal-timelines
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/main.e5be21d3.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 27

GET
H/1.1 401
Unauthorized box-status
homepage-api.fabfitfun.com/ 27 B
605 B 396ms
101ms Fetch
application/octet-stream 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://homepage-api.fabfitfun.com/box-status
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 27

OPTIONS
H2 204 5fb6c61b31c9750997aef3f3
events.launchdarkly.com/events/diagnostic/ Frame 0
0 300ms
97ms Preflight 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5fb6c61b31c9750997aef3f3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 31 May 2022 14:11:26 GMT
strict-transport-security: max-age=31536000

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&RedC=c.clarity.ms&MXFR=0D22FA0A1A406B4A163CEBBF1E406519
https://c.clarity.ms/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&MUID=23A3452093CA68290EEE549592186904

42 B
368 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&MUID=23A3452093CA68290EEE549592186904
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:25 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C01016E6CA6403FB76E6ED1B518EB96 Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:26Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&MUID=23A3452093CA68290EEE549592186904
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 202 5fb6c61b31c9750997aef3f3 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 99ms
99ms XHR
application/json 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5fb6c61b31c9750997aef3f3

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6CA6 0
182 B 98ms
31ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=glnt0wu&ref=https%3A%2F%2Ffabfitfun.com%2F&upid=l2gottf&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&v=undefined
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 31 May 2022 14:11:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H2 204 collect Show response
d.clarity.ms/ 0
91 B 280ms
279ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://fabfitfun.com
date: Tue, 31 May 2022 14:11:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

OPTIONS
H/1.1 204
No Content count
invitation-api.fabfitfun.com/invites/users/self/active/ Frame 0
0 403ms
100ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invitation-api.fabfitfun.com/invites/users/self/active/count
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:27 GMT

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 101ms
101ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 100ms
99ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:26 GMT

GET
H/1.1 401
Unauthorized verify-cookie
login-api.fabfitfun.com/login/ 37 B
624 B 412ms
99ms Fetch
application/vnd.fabfitfun.v1+json 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login-api.fabfitfun.com/login/verify-cookie
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/main.e5be21d3.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v1+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 37

GET count
invitation-api.fabfitfun.com/invites/users/self/active/ 0
0

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 100ms
100ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 100ms
99ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:26 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMifQ Show response
app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/ 713 B
284 B 16ms
16ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/eyJrZXkiOiJhbm9ueW1vdXMifQ
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/2.964e00d6.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed4e6f9a747ce33cd09b21d909e25d3fc7fca47679b3e24d0929e0b34eb400ca

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: HIT
content-length: 217
x-served-by: cache-cdg20737-CDG, cache-cdg20779-CDG
access-control-allow-origin: *
x-timer: S1654006287.720255,VS0,VE0
etag: "38dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 2

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMifQ
app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/ Frame 0
0 16ms
15ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5fb6c61b31c9750997aef3f3/users/eyJrZXkiOiJhbm9ueW1vdXMifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 31 May 2022 14:11:26 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-cdg20779-CDG
x-timer: S1654006287.703655,VS0,VE0

GET eyJrZXkiOiJhbm9ueW1vdXMifQ
clientstream.launchdarkly.com/eval/5fb6c61b31c9750997aef3f3/ 0
0

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMifQ
clientstream.launchdarkly.com/eval/5fb6c61b31c9750997aef3f3/ 734 B
0 86ms
43ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5fb6c61b31c9750997aef3f3/eyJrZXkiOiJhbm9ueW1vdXMifQ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST p
api.segment.io/v1/ 0
0

POST /
api.amplitude.com/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=PageView&dl=https%3A%2F%2Ffabfitfun.com%2F&rl=&if=false&ts=1654006286905&sw=1600&sh=1200&v=2.9.61&r=stable&a=seg&ec=1&o=62&fbp=fb.1.1654006286079.1177823156&it=1654006285693&coo=false&dpo=&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 31 May 2022 14:11:26 GMT

POST t
api.segment.io/v1/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=Experiment%20Viewed&dl=https%3A%2F%2Ffabfitfun.com%2F&rl=&if=false&ts=1654006286918&cd[shipping_country]=&cd[season_code]=&cd[device]=%7B%22type%22%3A%22Desktop%22%7D&cd[sessionId]=51f0fb1a-6dca-47c2-9e19-16bd37971fa4&cd[sessionCreationDate]=%222022-05-31T14%3A11%3A25.444Z%22&cd[experimentName]=Homepage%20Rebuild%20Launch&cd[variationName]=Challenger&sw=1600&sh=1200&v=2.9.61&r=stable&a=seg&ec=2&o=62&fbp=fb.1.1654006286079.1177823156&it=1654006285693&coo=false&dpo=&eid=ajs-c656d28d17c061298485e2bdc1c4afea&tm=2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 31 May 2022 14:11:26 GMT

GET
H2 200 Primary Request get-the-box Show response
fabfitfun.com/ 114 KB
18 KB 103ms
103ms Document
text/html 23.20.47.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fabfitfun.com/get-the-box

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/homepage/cdn/static/js/main.e5be21d3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.47.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-47-40.compute-1.amazonaws.com

Software

Nginx /

Resource Hash

9994c767bc0b8cfe890b8c939f7fa0cf84e2eb5581f6a1e2c8047ab8bac07125

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300,public,must-revalidate
content-encoding: gzip
content-security-policy-report-only: default-src 'self' *.fabfitfun.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fabfitfun.com *.recurly.com *.amazonaws.com *.ada.support www.dwin1.com *.google-analytics.com *.doubleclick.net www.googleadservices.com www.googletagmanager.com *.hcaptcha.com hcaptcha.com *.exitintel.com *.facebook.net *.facebook.com *.tiktok.com *.cookielaw.org *.segment.com *.tvsquared.com *.onetrust.com *.adsrvr.org sc-static.net *.zdassets.com *.crrnt.app *.pixlee.com *.roeyecdn.com *.amplitude.com *.bing.com *.googleapis.com *.exitintel.com *.jsdelivr.net *.datadoghq-browser-agent.com *.gladly.com *.braintreegateway.com *.paypal.com *.cloudflare.com *.hotjar.com blob:; style-src 'self' 'unsafe-inline' *.fabfitfun.com *.googleapis.com; connect-src 'self' *.fabfitfun.com *.browser-intake-datadoghq.com api.recurly.com *.segment.io *.launchdarkly.com *.logs.datadoghq.com *.cookielaw.org *.optimizely.com *.launchdarkly.com *.ada.support *.doubleclick.net ekr.zdassets.com *.zendesk.com *.hcaptcha.com wss://*.zopim.com *.pixlee.com *.tiktok.com *.amplitude.com *.paypal.com *.braintree-api.com *.onetrust.com www.google-analytics.com pactsafe.io *.gladly.com *.hotjar.com; frame-src 'self' *.doubleclick.net *.avct.cloud *.avocet.io *.ada.support id.rlcdn.com *.hcaptcha.com *.recurly.com *.bidswitch.net *.sharethrough.com *.bfmio.com *.pubmine.com *.teads.tv *.gumgum.com *.paypal.com *.braintree-api.com *.adsrvr.org *.hotjar.com; img-src 'self' *.fabfitfun.com *.google-analytics.com *.discourse.org *.cloudinary.com *.w55c.net *.adxcel-ec2.com *.facebook.com *.hcaptcha.com *.amazonaws.com *.doubleclick.net *.roeye.com *.bing.com *.google.com *.scorecardresearch.com *.tvsquared.com *.twitter.com *.exitintel.com *.googleadservices.com *.media.net *.smartclip.net data:; font-src 'self' *.fabfitfun.com fonts.gstatic.com data:; media-src 'self' *.zdassets.com; object-src 'none';
content-type: text/html
date: Tue, 31 May 2022 14:11:27 GMT
etag: W/"8a57265c1aa066753bfe63d7ba97e040"
last-modified: Mon, 09 May 2022 21:40:36 GMT
server: Nginx
x-cache-status: HIT
x-frame-options: SAMEORIGIN

POST 0
bat.bing.com/actionp/ 0
0

POST collect
d.clarity.ms/ 0
0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 312 KB
85 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f5c31f5bb7c1f8d330c8cae17d85dc2418df66bc8f0c237a91bfd3754ec0461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87489
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 May 2022 14:11:27 GMT

GET
H2 200 webpack-runtime-28340ad0b87367459b5d.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 5 KB
3 KB 641ms
640ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/webpack-runtime-28340ad0b87367459b5d.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcbf928e7361ff0611474ca11372d170b5c765fea5492886ce24b0260af7d8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"c5ad0481265cfb144f6bbf6b1168d3c7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: pdW-xdJ_HLnvd1wImEqRTI8tO4j0HL1CZOx48WBVY6CffNFQYU6XlA==

GET
H2 200 framework-b6e6b1003ff776104a36.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 22 KB
9 KB 631ms
630ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/framework-b6e6b1003ff776104a36.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b39eb230e1ff8d93627f34d927b695b76045e80dacdba001f8598c54f0333df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"eee2cd0f1d1dda8a97db8e36dfaa9629"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: 9VWOqjeg63LlXmIK3A6hzrkm15pE_-TamhWY1G7zYwiPeWRXGgrxpw==

GET
H2 200 app-bc86856c15078cfa314c.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 118 KB
35 KB 630ms
629ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/app-bc86856c15078cfa314c.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0100499988e9262cee416d3f87b5d033de22e1641e9b62d621a5420d588ac7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"2053b253cce2891b9263293f99130e4a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: FuVbHIJk9WQOH885Mr99CGWZoTNt1_HO74yGcNBgJ_a2u0inDfViMQ==

GET
H2 200 c9c6fe98-edb16cd32cd8f8c6b602.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 92 KB
23 KB 618ms
617ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/c9c6fe98-edb16cd32cd8f8c6b602.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 341d10775d40325601f79e194725a4ae344743c04823aacb0bbbe3d0b9442f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"8b5cb4717461f607c06445bea3cc538e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: dgXKh5Ck7JoEp9kn0uWmEM8Vas6t5Y76zow6ebXLJBkiz0h34lnAFg==

GET
H2 200 78d101ba-c08a37946da6ad2d4164.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 241 KB
44 KB 641ms
640ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/78d101ba-c08a37946da6ad2d4164.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9891d7fa51d8d655f4d120c810986445df9ac9756b7bd1bbba6064143fdb84a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"ef03948c9cb9bb0c76f9c1030cdf52f2"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: SfjnFAbjLWewyNOgsAJuDOcI9rCUz9t6X8XC0Fh0HL2Jo8yPwuXiLw==

GET
H2 200 e49262fa-b96151326f4b0347943a.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 139 KB
44 KB 640ms
640ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/e49262fa-b96151326f4b0347943a.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abf017dc48957544574af45f235fa6c55a334b84e88513f9f9a58687733d013e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"3e00b6a26556ca00009f221e329b461f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: qbvZPWoM0d6KRwNf8NWlrhAtSBGjPwcG9MPmwzddzlNLzffZ5iiVQg==

GET
H2 200 441b9d674b5deff72a34aabde3b4d3ecd98fe406-e50a2d7b5c1cd69ce8ec.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 263 KB
75 KB 682ms
681ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/441b9d674b5deff72a34aabde3b4d3ecd98fe406-e50a2d7b5c1cd69ce8ec.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 970231232e3bd96a4e58f4a6520531a55cab085043bb7a436cc256aa488b4d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"32e95b89b01a5452353116f607e596c2"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: Js1isYUY6vdq0v4Pgo1VRWqkKCFYKMFYs6JeSVGnND5sgs4jJSxI-w==

GET
H2 200 7e3118c9d5dd08289ce0c3fd5c8677d06fd33f3c-8e91930ece7aef96122d.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 49 KB
17 KB 635ms
634ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/7e3118c9d5dd08289ce0c3fd5c8677d06fd33f3c-8e91930ece7aef96122d.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0fb7131022bfe0b4a80fe4b420898250853aaf1282d2a6e73ca9811885f23b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"b47eb64e6c3e9920092372b0504991d0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: nlwDhZf5lhR7ZqUGHKLyHjJW2w1aoAHOGvWV7u_kr3lZADrRwgj00w==

GET
H2 200 90a68c43a1f53687bde71df2d775b46ee8023b1d-1030dcbfc42f5a328420.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 233 KB
60 KB 732ms
731ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/90a68c43a1f53687bde71df2d775b46ee8023b1d-1030dcbfc42f5a328420.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb345b9d9035b453cdaac782b470bdabffdb009f5f51e134e92af04413658664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"a98fb692373f2fb1d6dbe2d5ff6a1788"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: aBkWrakxxcqQt0QtlV6rpMF4XDEHUzD5ehUoaH26SmO8ufvNqc5InQ==

GET
H2 200 component---src-pages-index-tsx-250a2e65508949ff3657.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 317 B
684 B 622ms
621ms Script
application/javascript 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/component---src-pages-index-tsx-250a2e65508949ff3657.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc99d6793f1200d25886a929f19473ba44fe663fbe4b91b06d79614f6f5c852d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 09 May 2022 21:40:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "75f69c67983a9a506fd2fa495ab061d1"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
accept-ranges: bytes
content-length: 317
x-amz-cf-id: q7pHZwMcrgpENrcVpPT4XqLqmYIAiiTnTfq_5qwzCXYegQOWCAiGjA==

GET
H2 200 page-data.json
scontent01.fabfitfun.com/gtb/cdn/page-data/index/ 142 B
698 B 666ms
645ms Other
application/json 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/page-data/index/page-data.json
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5f76f6b31c4863c12f6a316251c95daea7071e1dd2f16e32b703b022abe886b

Request headers

Referer: https://fabfitfun.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 142
last-modified: Mon, 09 May 2022 21:40:40 GMT
server: AmazonS3
etag: "57f4fea8d5bc19583c2b49aa7cc10c09"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: https://fabfitfun.com
access-control-expose-headers: ETag
cache-control: max-age=31556952,public,immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: BhxXH0MkWYaCBk6FmBSqc2c8M4pALuh2PtX9Ew_DflCfMAnN54zn3w==

GET
H2 200 app-data.json
scontent01.fabfitfun.com/gtb/cdn/page-data/ 50 B
609 B 631ms
611ms Other
application/json 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/page-data/app-data.json
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dbda6faf1896f926936e6046ac1eab8f19eb403bb63be274f642615cedb1502

Request headers

Referer: https://fabfitfun.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA50-C1
x-cache: RefreshHit from cloudfront
content-length: 50
last-modified: Mon, 09 May 2022 21:40:40 GMT
server: AmazonS3
etag: "ed7979e6fa93ed14cd8b10f25d01b8c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: https://fabfitfun.com
access-control-expose-headers: ETag
cache-control: max-age=31556952,public,immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: Z6kv0Xt7_Oqmh9KDbvfEzm_VgAWswhM5rA4k0W_0cSJ-aMAN8KMgFA==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22471
x-xss-protection: 0
pragma: public
x-fb-debug: zAt2uAJNv4WCvIsqbbl46R7BPKPV6ObGP7jy5EEAvzk8WL95D4KjbJCl0VyXFdSaHTUUC2pe2EEat6VeGvWayA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 May 2022 14:11:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 20 KB
7 KB 10ms
9ms Script
application/javascript 143.204.93.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-244.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 01:40:34 GMT
content-encoding: gzip
server: CloudFront
age: 45053
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: Content-Type
content-length: 7166
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-amz-cf-id: qq5361a7L_uHTll5f-T42T6HLo9DW9sXub_rcPZMyZOc6zaiczTvvA==

GET
H/1.1 200
OK rmc-inc-rt.js Show response
s3.amazonaws.com/fff-home/wp-content/themes/fabfitfun/assets/js/services/ 5 KB
5 KB 110ms
109ms Script
application/javascript 52.217.101.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/fff-home/wp-content/themes/fabfitfun/assets/js/services/rmc-inc-rt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.101.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7291b9cd60a48e11ae39d26b51b97c0c4926cc881191147ae2d17ebeb2b3e201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:28 GMT
Last-Modified: Mon, 30 Nov 2020 20:02:25 GMT
Server: AmazonS3
x-amz-request-id: M02CC26BB9TEZR1X
ETag: "405a04e91d3db2d66e679942c0647b5b"
Content-Type: application/javascript
Cache-Control: max-age=7200
Accept-Ranges: bytes
Content-Length: 5132
x-amz-id-2: ciCH5siAv1nZF1aYtTnc7xaTMWHCPFm9wrYpqJSTmEQNF/0QtH5vOuy82CP4Xg+5hGwmR+1r2OA=

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2201
date: Tue, 31 May 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 31 May 2022 15:34:46 GMT

GET
H3

200

activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box Show response
8168391.fls.doubleclick.net/ Frame A6BE
Redirect Chain

https://8168391.fls.doubleclick.net/activityi;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?
https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffab...

1 KB
678 B

23ms
23ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

5975bc8be7f37911e0ce168775378c797da4c20106ce3302ef77b1fd6fc5c3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 655
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:27 GMT
expires: Tue, 31 May 2022 14:11:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 14:11:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 44ms
24ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

439bb68e4b99a7037363e3c9671380459a2e0aa1c8276fb1c68823da04608a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14847
x-xss-protection: 0
server: cafe
etag: 14193202862953550909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 May 2022 14:11:27 GMT

GET
H2 200 6854.js Show response
www.dwin1.com/ 37 KB
11 KB 13ms
13ms Script
application/javascript 2600:9000:2156:e000:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/6854.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2eb9b03e945ce0c2872600080523bd1a6fd20bda0194cd500187064b07c4f79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: rN7McXQPafQA_39EVDOsLbdqxeAOG94a
content-encoding: gzip
etag: W/"10700f64e38cfaf8673183c3be26f649"
age: 37
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 13:03:51 GMT
server: AmazonS3
date: Tue, 31 May 2022 14:10:51 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: r5MP20PPMGY-V8nBf49jWJu91ROQ-GzbgDfWqAmgQ3xgbxx-o_E3Bw==

GET
H/1.1 200
OK tv2track.js Show response
collector-5366.tvsquared.com/ 20 KB
9 KB 109ms
109ms Script
application/javascript 18.219.18.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-5366.tvsquared.com/tv2track.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.18.11 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-18-11.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 14:24:13 GMT
Server: nginx
ETag: "6222210d-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 31 May 2022 14:21:27 GMT

GET
H2 200 CA_Y2xpZW50SWQ9NDE Show response
js.crrnt.app/ls/cookie/ 982 B
1 KB 10ms
9ms Script
text/javascript 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.crrnt.app/ls/cookie/CA_Y2xpZW50SWQ9NDE
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 70317206c4eb3cbaa0ed2df4c6d540e9b152a12b365bac22034803a0e1f4f79c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:55:58 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
server: nginx/1.20.0
age: 80129
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NMyvodq_mptjQrp08nnWfyhKJmcKgrDYiIaUNgHCH_BeOJuFz_-YOQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 03:47:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 37456
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 9EBV-auseDq-u_2iVJSj4BiVRzfI3-HlPeMnwYPrUDb7Eci6K7rMPw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 159 KB
44 KB 111ms
111ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7fa80c9a3595b623f4a6073a52ee6decc51e6db84f640aad05ed64a3117196fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411270100040050060030330C8F8208
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6e6243652598dc14dfdf7cd838d2db656b39b6b84f98d19d6d771916c5e42a0bbc773331f1b245e5b1e7d0ea03abd37b442276e0fc8c4e6fee39e46e34d0836e8
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=97
x-akamai-request-id: 8eea01a8
expires: Tue, 31 May 2022 14:11:27 GMT

GET
H2 200 datadog-rum-v3.js Show response
www.datadoghq-browser-agent.com/ 115 KB
39 KB 36ms
8ms Script
application/javascript 143.204.95.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-34.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:10:36 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 16:36:14 GMT
server: AmazonS3
age: 52
etag: W/"647fda9a4d3d74344732d76cf1fff47c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: s2dHSS4sgKKQSkZ24naDGr802A-WP4-T5t4Fy5AxphNux20vHyiu8A==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 31ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 315FFFAD6EE642218F42F452F688E62F Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:27Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 31 May 2022 14:11:27 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 hotjar-306880.js Show response
static.hotjar.com/c/ 5 KB
3 KB 86ms
38ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-306880.js?sv=6

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

5912c149cfa07e89f6c7f9c256559218e93535e5a1f68ecee0bd2779659f5dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/23bdb49d917b9a4f91fea411da7b2c49
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: GsCY_dkiKU1iyrrdjI749fLkvu5Xj6Ft_1DtKgowNUEjrvAdc19O5w==
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)

GET
H/1.1 200 rs
tags.w55c.net/ 42 B
593 B 10ms
9ms Image
image/gif 52.59.40.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=https%3A%2F%2Ffabfitfun.com%2F

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.40.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-40-31.eu-central-1.compute.amazonaws.com

Software

Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 14:11:27 GMT
Server: Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 rs
tags.w55c.net/ 42 B
593 B 18ms
8ms Image
image/gif 52.59.40.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?id=a70be9c415d241c8b658269bc2182cb5&t=homepage

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.40.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-40-31.eu-central-1.compute.amazonaws.com

Software

Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 14:11:27 GMT
Server: Retargeting/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lantern_global_6854.min.js Show response
lantern.roeyecdn.com/ 2 KB
2 KB 11ms
11ms Script
application/javascript 2600:9000:2156:a800:1f:af3f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lantern.roeyecdn.com/lantern_global_6854.min.js
Requested by: Host: www.dwin1.com
URL: https://www.dwin1.com/6854.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a800:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de40eb341c46aaec05179c927639cb96f3872cac432ef3c8c6216c57026245ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 1dUbcS7GEWVksCu7wQROSqV4tHsFgZ4f
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 16:47:39 GMT
server: AmazonS3
age: 23437
etag: "138f89469fe5e4ace1421f82484255dd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 31 May 2022 07:40:51 GMT
x-amz-cf-pop: FRA50-C1
content-length: 1948
x-amz-cf-id: mMasc1QL9vcDuj2bXqWQN4TAvd_TE69rOr2k36f2l_ndjlqBdjQPwg==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1395492123&t=pageview&_s=1&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&dp=%2Fget-the-box&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCAgEAB~&jid=&gjid=&cid=755578010.1654006286&tid=UA-15829841-1&_gid=1712319525.1654006286&gtm=2wg5p16N92&z=543925997

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 14:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84601
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=*;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box
adservice.google.com/ddm/fls/z/ Frame A6BE 42 B
63 B 58ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=*;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box

Requested by

Host: 8168391.fls.doubleclick.net
URL: https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8168391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

asyncPixelSync
pixel.sitescout.com/dmp/ Frame 2076
Redirect Chain

https://pixel-a.basis.net/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync

0
0

33ms
31ms

Document
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: 8168391.fls.doubleclick.net
URL: https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 31 May 2022 14:11:26 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
location: https://pixel.sitescout.com/dmp/asyncPixelSync

GET
H2

204

b73ff82f193a33c8
pixel.sitescout.com/iap/ Frame A6BE
Redirect Chain

https://pixel-a.basis.net/iap/b73ff82f193a33c8
https://pixel.sitescout.com/iap/b73ff82f193a33c8

0
191 B

29ms
29ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/b73ff82f193a33c8
Requested by: Host: 8168391.fls.doubleclick.net
URL: https://8168391.fls.doubleclick.net/activityi;dc_pre=CMj94sn1ifgCFcXHUQodXVMCjQ;src=8168391;type=retarget;cat=retar0;ord=3436416532438;gtm=2wg5p1;auiddc=383624995.1654006286;~oref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box?
Protocol: H2
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8168391.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:26 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/b73ff82f193a33c8
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/805470366/ 2 KB
1 KB 46ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805470366/?random=1654006287568&cv=9&fst=1654006287568&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5f4ec1ab81cd61228c39777f8271caae248b6666f59ce5f48da521ce779393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/805503010/ 2 KB
1 KB 27ms
27ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/805503010/?random=1654006287569&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

721db9cad24a7357b39c116ba669c6f015115e3bc49686ebd2146eb882b6762c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/994993128/ 2 KB
1 KB 37ms
37ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/994993128/?random=1654006287575&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

49e0e12f3a55bc9f505da95fd1737c1e984930789e671d2c06921067245a5189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4031595.js Show response
bat.bing.com/p/action/ 218 B
430 B 335ms
334ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4031595.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6804f44394afc98f452e6c5be9a220a935a19c14c40a42a09d9909f9d62e5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E9D4C181C914E5984DB471B8DD12DB2 Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:27Z
date: Tue, 31 May 2022 14:11:27 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 299

GET
H2 204 0
bat.bing.com/action/ 0
120 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4031595&Ver=2&mid=f1b1bfa6-b038-4256-a030-eb4c8ccfeb73&sid=8eae35d0e0eb11ecab1f5784f8470cdc&vid=8eae3570e0eb11ecb2b63375caea80b8&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&r=https%3A%2F%2Ffabfitfun.com%2F&lt=288&evt=pageLoad&msclkid=N&sv=1&rn=851104

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D915A11DE9C447FA8D36E48A6BF4591 Ref B: FRAEDGE1317 Ref C: 2022-05-31T14:11:27Z
date: Tue, 31 May 2022 14:11:27 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 6b0d0fb9-1246-4d65-86d8-a837508400e8
https://fabfitfun.com/ 26 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fabfitfun.com/6b0d0fb9-1246-4d65-86d8-a837508400e8
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b99c919f168349275b903d0a29253e0de9a945945650d811ee2ee0214b9387be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length: 26149

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 37 KB
9 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28d503bfec76a3b13f2f7733b4819013712326adc99c863bf4c96980e36e81ab

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 9256
x-xss-protection: 0
pragma: public
x-fb-debug: lRDbcutm1NmXSJsVccoIwZoUQjIQYrJXSaVYklDLCQydMfizcsH9w5d4i+rr9HHgFdHaJHLmSMfAr5ELGhxkYw==
x-frame-options: DENY
date: Tue, 31 May 2022 14:11:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 409241942540187 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/409241942540187?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e2bac853b28a04a86d254b662b06212a5e13de438e57f9211d81b1159ea13a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: BCiF3q9VyGV+kH89Kv+ibwd8dgHM3xNgF9L7LE1I4gLy1wecegUj+Y0ZwJHRYFQfOjkT2l1XEUA6dBsj01QZOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 May 2022 14:11:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654006287675
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

451

710764.gif Show response
id.rlcdn.com/ Frame 113D
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_type%3...
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fads.avocet.io%2Fs%3Fadd%3D5f896d5442ed865a48789f64%26ty%3Dh%26values%3Dregion%3A840%2Cc%3A12%2Crmc_config_version%3Av1%2Crmc_segid%3A1%2Ccohort_t...
https://ads.avocet.io/s?add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga_uid:...
https://ads.avct.cloud/s?r=1&add=5f896d5442ed865a48789f64&ty=h&values=region:840,c:12,rmc_config_version:v1,rmc_segid:1,cohort_type:test,v_pixels:snapchat%252Cfacebook%252Coath,cohort:allVendors,ga...
https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527

0
9 B

33ms
18ms

Document
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/fff-home/wp-content/themes/fabfitfun/assets/js/services/rmc-inc-rt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 31 May 2022 14:11:27 GMT
via: 1.1 google

Redirect headers

content-length: 0
content-type: image/gif
date: Tue, 31 May 2022 14:11:27 GMT
location: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 modules.d0961e771164cd91e405.js Show response
script.hotjar.com/ 243 KB
63 KB 58ms
10ms Script
application/javascript 108.157.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d0961e771164cd91e405.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-306880.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-86.dus51.r.cloudfront.net

Software

Resource Hash

dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23841
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64057
access-control-allow-origin: *
last-modified: Tue, 31 May 2022 07:33:23 GMT
etag: "1ed5739adb19197da798013ab080794d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 208pF344hwGesUg9APu5futK4pJKU5ssldnNdqE3MY7sgloYVG4tgQ==

GET
H/1.1 200
OK tv2track.php
collector-5366.tvsquared.com/ 42 B
276 B 109ms
108ms Image
image/gif 18.219.18.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-5366.tvsquared.com/tv2track.php?action_name=&idsite=TV-45633636-1&rec=1&r=393003&h=14&m=11&s=27&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&urlref=https%3A%2F%2Ffabfitfun.com%2F&_id=c7115c97c8de2b36&_idts=1654006286&_idvc=0&_idn=0&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=200
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.219.18.11 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-18-11.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:27 GMT
Server: nginx
Connection: keep-alive
Request-Id: a60fb540-eab8-423a-b168-0fcb8fc87633
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

GET
H3

200

/
www.google.de/pagead/1p-conversion/805503010/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

25ms
25ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYv7OI4mJlgSPjLvYBw&cid=CAQSKQCNIrLMsp8RGUjExDGKnVuEGR9T0HrFmtEGYsOkydrbmQvLbO1JnP-8&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WEuE2u_KXnwMBwQRiN5T3UmrRKOGvVfysw&random=665776620&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYv7OI4mJlgSPjLvYBw&cid=CAQSKQCNIrLMsp8RGUjExDGKnVuEGR9T0HrFmtEGYsOkydrbmQvLbO1JnP-8&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WEuE2u_KXnwMBwQRiN5T3UmrRKOGvVfysw&random=665776620&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/994993128/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

22ms
21ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYuX8I9allgTp-YyoDQ&cid=CAQSKQCNIrLM9eIXFnAnD98lKXnnar3fEHP_9IuKSZpqlTIWhAkWANIp1Zp_&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WLNc9qXhs3FTqXeEHV59alBI2ay4PqZDZw&random=2151093921&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYuX8I9allgTp-YyoDQ&cid=CAQSKQCNIrLM9eIXFnAnD98lKXnnar3fEHP_9IuKSZpqlTIWhAkWANIp1Zp_&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WLNc9qXhs3FTqXeEHV59alBI2ay4PqZDZw&random=2151093921&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/805470366/ 42 B
64 B 40ms
22ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/805470366/?random=1654006287568&cv=9&fst=1654005600000&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMC3Wxb1exkHMHMMAl3luu3qepNbck_4kXZ0s1OmmlsOns038h&random=552081264&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/805470366/ 42 B
64 B 41ms
23ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/805470366/?random=1654006287568&cv=9&fst=1654005600000&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMC3Wxb1exkHMHMMAl3luu3qepNbck_4kXZ0s1OmmlsOns038h&random=552081264&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub6383f187afc62de28730102574f8ca45
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
126 B 513ms
270ms Ping
application/json 2600:1f18:24e6:b901:db60:f606:db80:b17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6383f187afc62de28730102574f8ca45?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&batch_time=1654006287654
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:db60:f606:db80:b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:28 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame E028 2 KB
1 KB 36ms
8ms Document
text/html 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-306880.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23841
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-id: JZgbjSW2XcJamUylZ-lFzdWKDo1DSPUNGa97H-stNyatyxXUgja_EA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 110ms
110ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 194bb75e.8eea0682
date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-134.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 96,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112701000400402500400500600300113C48E4C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.134
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7f639970c4cea2ec8d78d43157a5a04deb3f721e76e9c6c005c9175f077758ec034509ff909bc46283d2bfdf7ee7d9a1ffe0d5e25698d823ad9b81a01116e6c455b22bf0890cfcdb4f190ffc1352bf2232
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
576 B 279ms
279ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411270100040050060030250DBF0831
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 264,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b65f3286afea242bd79a5730d09c9bd47fcab037ba9723dfc1944f1262a7cd0ca7b0358410a43430bea67835437cad2fd4178d469d9367505eabd2a41c3c043d91
server-timing: inner; dur=143, cdn-cache; desc=MISS, edge; dur=1, origin; dur=264
x-akamai-request-id: 8eea0759
content-length: 0
expires: Tue, 31 May 2022 14:11:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 420ms
419ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5f1d77d2.8eea0789
date: Tue, 31 May 2022 14:11:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-142.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 387,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=298, inner; dur=294
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112701000200300500600300104C11CC2
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 298,23.220.104.142
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7f266941e53fdee23dfc45ef23ed4fdf2450d0a0560feaf8827af56511e970049277c5b1e88cbf54a589415ad520edaae30b532ebd96ec55aa4766fd7a1fff0336a08ec8ed1d2edba7e6684baf88436898
expires: Tue, 31 May 2022 14:11:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
582 B 406ms
405ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022053114112701000200763700400500600302903A31DFC
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 371,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b629007bf1f480ad01e690baa68700004e3870a6b5063130a8adce44a344fc69d5c52b1c9147945160f1ebf262bf31ff35560c588cf4d0bf858b688eb2084bbf6f
server-timing: inner; dur=275, cdn-cache; desc=MISS, edge; dur=1, origin; dur=371
x-akamai-request-id: 8eea079d
content-length: 0
expires: Tue, 31 May 2022 14:11:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
574 B 245ms
244ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411270100040050060030310ABDE0F6
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 210,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6a9d15ddbb4092e2eb8edbb1137509265bf1d1aa47222c066dc04e5ec4571e5d13a690fd8933898d3328ac47a4042ec5aa413aa409d4ef7bccde0e382302634d6
server-timing: inner; dur=115, cdn-cache; desc=MISS, edge; dur=1, origin; dur=209
x-akamai-request-id: 8eea07ab
content-length: 0
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
719 B 250ms
249ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 650353c1.8eea07bd
date: Tue, 31 May 2022 14:11:27 GMT
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 213,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=103, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112701000200300500600300706D203E4
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 103,23.220.104.155
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7fdd51456955f0802ca4f2614be6ce18daca380e7256090257ef0e95fcd5400244d218514e4d75aa8dc3211934859d68099491d4fdd5c77d4595ed0c688accd677d19f9df16645063a3427be5ebff76ba3
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
574 B 240ms
239ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022053114112701000400500600302307AA58B0
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 202,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6ee5a5b1ba6ce070d9d958ddcefcb7caaf126fa66b1504c198ef18de264df963f37e3bba60d9ed9e658bd86ded4a198dc47dd9fed613d42fe663a049d609bc54c
server-timing: inner; dur=105, cdn-cache; desc=MISS, edge; dur=0, origin; dur=202
x-akamai-request-id: 8eea07c2
content-length: 0
expires: Tue, 31 May 2022 14:11:27 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 869 B
1 KB 130ms
130ms Script
application/javascript 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C6AN2PPO8QD6LKH45200&hostname=fabfitfun.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d484788eaece8777578947085573b0a7f8cca5238db694ac1a5fcf8da595d63d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 8eea07cb
date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=94
content-length: 349
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112701000200600500500600300809955CDA
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 94,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6e7bd024ce4927aaa5932b92267a01902089ce548fa5c2a485975b1b9ee63cb286672ac69d97cd0c9de8e49b6a6573a9b178bf3a68eca5d82f71b4dd4524211f1
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
573 B 150ms
149ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411270100040050060030490CA7082C
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 104,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6098da372684299e20b4223e46623bb8930e425efaefcfe1f002c4df393bba20984d9e2de438a6e10ea7fb8b2dd508bc8a16c5820d557efffc47af33414bbe2f6
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=104
x-akamai-request-id: 8eea0803
content-length: 0
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
720 B 300ms
300ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 65035447.8eea080f
date: Tue, 31 May 2022 14:11:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 254,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=137, inner; dur=130
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022053114112701000400300500600302204914308
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 137,23.220.104.155
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7fdd51456955f0802ca4f2614be6ce18da96243c7b22c0887699d407a77abb484e5f50ab9cb8cf8e34fe88273be8e2ead587d86e76da3ccfff426e3dc2b08823bb3e9f71064de7106d076e7f5c23bbfd78
expires: Tue, 31 May 2022 14:11:28 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=PageView&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&rl=https%3A%2F%2Ffabfitfun.com%2F&if=false&ts=1654006287786&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=62&fbp=fb.1.1654006286079.1177823156&it=1654006287609&coo=false&rqm=GET

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
724 B 298ms
298ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 194bb971.8eea098c
date: Tue, 31 May 2022 14:11:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-134.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 284,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=196, inner; dur=194
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220531141127010004004025004005006003003128DC2E3
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 196,23.220.104.134
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7f639970c4cea2ec8d78d43157a5a04debdc9b683c60fa297d36002d0f197bc29ab63c556d1b594e4d840a9e1f484342cc0130b3e149d09a4fc6271bc23b8996e254fb87e08f419b1e3c010b64e9bf7cd9
expires: Tue, 31 May 2022 14:11:28 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
574 B 109ms
109ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022053114112701000200600500500600300809955CF6
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6e7bd024ce4927aaa5932b92267a019028bd7f1009e0fe333b9082a4924e3a6c7c80fcd6c62a1fa9ca14afe0314e6d445fe1e43bfcb970723c287c10ebcc1405b
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
x-akamai-request-id: 8eea0a74
content-length: 0
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
721 B 281ms
281ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 65035398.8eea0a78
date: Tue, 31 May 2022 14:11:28 GMT
x-cache-remote: TCP_MISS from a23-220-104-155.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
x-parent-response-time: 265,23.36.161.204
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=175, inner; dur=168
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202205311411270100020060050050060030290DB76071
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 175,23.220.104.155
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51881fc97e38bef292dc5eade33d1033aa7fdd51456955f0802ca4f2614be6ce18dadc89bc63763685e16a06e9e96821309d6edc3450c21fea71e9d55e58b7a533c0ae9f774f2250493b6ba421e4ab06a57518dc08d8220c13311e5144ba84b30231
expires: Tue, 31 May 2022 14:11:28 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
575 B 129ms
129ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411270100040050060030490CA70860
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 114,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b6098da372684299e20b4223e46623bb89848c3074e68db537b3bdb2c461cb9c9d67683febca30a961f72a09c065533640b16ab2d30986b7c65399af4f3936315f
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=0, origin; dur=114
x-akamai-request-id: 8eea0a82
content-length: 0
expires: Tue, 31 May 2022 14:11:27 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
579 B 124ms
123ms Ping
application/octet-stream 23.36.163.232
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6AN2PPO8QD6LKH45200&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.232 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-232.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 31 May 2022 14:11:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202205311411270100020030020050060030050CBDE3E8
x-cache: TCP_MISS from a23-36-161-204.deploy.akamaitechnologies.com (AkamaiGHost/10.8.1-41431467) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 106,23.36.161.204
x-tt-trace-host: 017664e039fe72eef8010acf7e9c0a51887a8f13bbba54cb494145e07ffee623b63090688cbfd09cea149c6f62eb15ed660a10377fa644cc7dea5c62722bb031d1d18c3bd6671d4a8fc87879d8b755ae6983536e86f4dd90c2db7f98318e841a48
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=1, origin; dur=106
x-akamai-request-id: 8eea0a95
content-length: 0
expires: Tue, 31 May 2022 14:11:27 GMT

GET
H2 200 4031595 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 115ms
115ms Script
application/x-javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4031595
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4031595.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9d39b621e4c014b2742ca8c79a64764bdc36d1d2d743ef62e8a1b6d850b5a913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:27 GMT
x-powered-by: ASP.NET
x-azure-ref: 0DyKWYgAAAABNDAQnNQhdSIXcjnKS/BESQ1BIMzBFREdFMDQwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 200 pub6383f187afc62de28730102574f8ca45
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 178ms
178ms Ping
application/json 2600:1f18:24e6:b901:db60:f606:db80:b17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6383f187afc62de28730102574f8ca45?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&batch_time=1654006288003
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:db60:f606:db80:b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:28 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.34/ 53 KB
23 KB 94ms
94ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4031595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:27 GMT
content-encoding: br
etag: "1d87336c650fb54"
last-modified: Sun, 29 May 2022 08:33:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect Show response
d.clarity.ms/ 0
25 B 186ms
186ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://fabfitfun.com
date: Tue, 31 May 2022 14:11:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 Dw1RatCFTZXTKvkDxcz1E.json Show response
cdn.optimizely.com/datafiles/ 77 KB
14 KB 156ms
125ms XHR
application/json 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/Dw1RatCFTZXTKvkDxcz1E.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c9291b5147f9466092a2bdf937b36970ff1799f7f6b25afb5514987cdab4705

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: o_DwBcEDcEz09rQLTgztCGCAzQZC3B1O
content-encoding: gzip
etag: "661c3cdfd6842b72317195cd3ed64256"
x-amz-request-id: CDR8FGRQMV8AVKVY
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1378
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD, OPTIONS
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 13373
x-amz-id-2: BmCxSitSgIc+nbUWKYXC0qn2I4E814lN6SztuXmnZLQdHPBLLKQ1+5cp15Di+wMrbuh7dE9PHSo=
last-modified: Wed, 25 May 2022 23:08:39 GMT
server: AmazonS3
date: Tue, 31 May 2022 14:11:28 GMT
access-control-max-age: 604800
strict-transport-security: max-age=15768000
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 recurly.js Show response
js.recurly.com/v4/ 319 KB
82 KB 119ms
66ms Script
application/javascript 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.recurly.com/v4/recurly.js

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/framework-b6e6b1003ff776104a36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a90fb5460ea3764b9103b50ee679c48caa1c6aa57cff2af7ab0add48146237f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 5242
last-modified: Mon, 23 May 2022 16:06:52 GMT
server: cloudflare
etag: W/"628bb11c-4fdf7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 71404c884cc2cde3-CDG
expires: Tue, 31 May 2022 18:11:28 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ 276 KB
77 KB 58ms
25ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/framework-b6e6b1003ff776104a36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ba32124931d27f90794a9366e4b9c0de8125d120fcc137810fe0fa41ed7e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
via: 1.1 e90965fc09a647100bac5d68d2d591f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 May 2022 08:13:12 GMT
server: cloudflare
etag: W/"de7bcaac47ec1ad6f19d93df63c0cb71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: TXL52-C1
cf-ray: 71404c882c5990b2-FRA
x-amz-cf-id: tmysNfEYLrxay5sCQPxcCgC60iT13xv5ZWacdhbja8XWZDKdQAGOPA==

GET
H2 200 fff-logo
res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Header/ 2 KB
2 KB 68ms
19ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Header/fff-logo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

784a48eb8bf25e32cc50465c15a92796f71e9eb2046de3d07dc5caf70d356fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="fff-logo.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-05-31T14:11:28.686Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 1816
last-modified: Thu, 02 Dec 2021 23:07:09 GMT
server: Cloudinary
etag: "28f19028f7ef61e65500d61464064440"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 load.js Show response
get.exitintel.com/ 467 KB
121 KB 186ms
110ms Script
text/javascript 2600:9000:2156:1200:6:8b80:1140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.exitintel.com/load.js?exitintelAccount=2983
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1200:6:8b80:1140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7e27cf3fdfbe2dceab03ae0538752b7c32fec894459495c30921b8dc5799607c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:10:40 GMT
via: 1.1 3ce1b04fdf4b78c695ea1764363d1f38.cloudfront.net (CloudFront), 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age: 48
x-amzn-requestid: 3b4ca0ac-5150-4808-8b86-d77210586553
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-transform,public,max-age=120,s-maxage=120
x-amzn-trace-id: Root=1-629621e0-1af134313ca6058a5db6824f
x-amz-cf-pop: IAD79-C3, FRA50-C1
content-encoding: br
x-amz-apigw-id: S_o7EHMrIAMF1rA=
x-amz-cf-id: YHsX2ypIieBJu-Nt8yWDcj_JILnTzC5d74uM3N3FL2QYgtb9QJURvQ==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9463 0
181 B 31ms
31ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=glnt0wu&ref=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&upid=l2gottf&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&v=undefined
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 31 May 2022 14:11:28 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 101ms
101ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:28 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/7kbHDCgVdd/ 406 KB
68 KB 10ms
9ms Script
text/javascript 143.204.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/441b9d674b5deff72a34aabde3b4d3ecd98fe406-e50a2d7b5c1cd69ce8ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-41.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f95c07fa81f07fcd7f713beb0d169251d6e5623da52c05485bc4beff5fcfa42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 4xDgyEDJoZf9zu8O35IoQBTJLACWPj20
content-encoding: br
etag: W/"65e86580082f59f8fcc0492bd4e602a9"
age: 116
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 10 May 2022 22:59:59 GMT
server: AmazonS3
date: Tue, 31 May 2022 14:09:33 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uZ3Dq6UtK8JWhZFqDUvjR4q_Jr-jd6xD60dpyMXDVur5d4Ul5fbpNg==

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 100ms
100ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:28 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

GET
H/1.1 200
OK plans Show response
localization-api.fabfitfun.com/api/1/subscription/ 2 KB
1 KB 753ms
447ms XHR
application/json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://localization-api.fabfitfun.com/api/1/subscription/plans
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash: 63d253d1a69ee4fca32058397596f2078e3b7ec13a888b784163a7cbefba9b51

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url
Content-Length: 511

GET
H/1.1 200
OK fffvip Show response
localization-api.fabfitfun.com/countries/by-plan-code/ 5 KB
2 KB 407ms
101ms XHR
application/vnd.fabfitfun.v1+json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://localization-api.fabfitfun.com/countries/by-plan-code/fffvip
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash: f3682c75976086cc38c7c48589d8bd5e5e7161ef7fd0343bf6674a3385c8c28f

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v1+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url
Content-Length: 1236

GET
H/1.1 400
Bad Request null Show response
customize-api.fabfitfun.com/customize/v1/public/campaign-state/users/ 83 B
611 B 409ms
102ms XHR
application/json 35.169.238.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customize-api.fabfitfun.com/customize/v1/public/campaign-state/users/null
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.238.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-238-157.compute-1.amazonaws.com
Software: /
Resource Hash: 1343313f3c456ce2fb4b9388e90e0d60432675f02caf39419d71e00dd1e82c85

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url
Content-Length: 83

GET
H3 200 css
fonts.googleapis.com/ 7 KB
731 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/app-bc86856c15078cfa314c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

147b1cbfb03c6bad64d558a5487de4d0112e013526c66c1666556923695c11b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 14:05:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:28 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:04:56 GMT
x-content-type-options: nosniff
age: 83192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 15:04:56 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 30ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:01:52 GMT
x-content-type-options: nosniff
age: 83376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 15:01:52 GMT

OPTIONS
H2 200 5f90aeab892e740961596bba
app.launchdarkly.com/sdk/goals/ Frame 0
0 17ms
16ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f90aeab892e740961596bba

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 31 May 2022 14:11:28 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-cdg20779-CDG
x-timer: S1654006289.737075,VS0,VE1

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/ Frame 0
0 17ms
17ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 31 May 2022 14:11:28 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-cdg20779-CDG
x-timer: S1654006289.749622,VS0,VE1

OPTIONS
H2 204 5f90aeab892e740961596bba
events.launchdarkly.com/events/diagnostic/ Frame 0
0 97ms
97ms Preflight 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f90aeab892e740961596bba

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 31 May 2022 14:11:28 GMT
strict-transport-security: max-age=31536000

GET
H2 200 5f90aeab892e740961596bba Show response
app.launchdarkly.com/sdk/goals/ 2 B
112 B 18ms
16ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f90aeab892e740961596bba

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Tue, 31 May 2022 14:11:28 GMT
content-length: 26
x-served-by: cache-cdg20779-CDG
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1654006289.755545,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be0a1872212991003f745c768457e812508b22ae6a020fa96cda41c34466bd34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1015 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a7bc810ef60a7fd26d333d4e542884fb2873c312ef348863f23e319aa48fe47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95f314782f33f107740d32aacf51e323e203c2c6cc8c8ca3d557c6f4d1267a96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76f2e2b799136962759337d259e9bc656eb7f2206d8b5839b82c124a3c12ad52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/ 2 KB
766 B 18ms
17ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8b5bdfa0deb7a234d5b2847c21059d34808d6e1576633f70ec5872fa1f1228f8

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: HIT
content-length: 392
x-served-by: cache-cdg20744-CDG, cache-cdg20779-CDG
access-control-allow-origin: *
x-timer: S1654006289.767034,VS0,VE1
etag: "62dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

POST
H2 202 5f90aeab892e740961596bba Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 100ms
100ms XHR
application/json 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f90aeab892e740961596bba

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v29/ 35 KB
35 KB 31ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v29/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:31:23 GMT
x-content-type-options: nosniff
age: 499205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2023 19:31:23 GMT

POST
H2 200 pub6383f187afc62de28730102574f8ca45
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 282ms
281ms Ping
application/json 2600:1f18:24e6:b901:db60:f606:db80:b17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6383f187afc62de28730102574f8ca45?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&batch_time=1654006288754
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:db60:f606:db80:b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:28 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H3 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 16:45:07 GMT
x-content-type-options: nosniff
age: 77181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17324
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 16:45:07 GMT

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v29/ 35 KB
35 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v29/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 19:31:23 GMT
x-content-type-options: nosniff
age: 499205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2023 19:31:23 GMT

OPTIONS
H/1.1 204
No Content default
content.fabfitfun.com/contents/self/global-footer-v2/ Frame 0
0 407ms
98ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.fabfitfun.com/contents/self/global-footer-v2/default
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:29 GMT

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 99ms
98ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:28 GMT

GET
H/1.1 200
OK default Show response
content.fabfitfun.com/contents/self/global-footer-v2/ 5 KB
2 KB 394ms
102ms Fetch
application/vnd.fabfitfun.v2+json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.fabfitfun.com/contents/self/global-footer-v2/default
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash: bdce3bbd8057971f2d922de12fa71685c6c98036be41c729f49f5db817768641

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v2+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 1160

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 99ms
99ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:28 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

GET
H2 200 fffPactSafe.min.js Show response
abtesting.fabfitfun.com/Shared/assets/js/ 2 KB
1 KB 328ms
98ms Script
application/x-javascript 35.168.183.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://abtesting.fabfitfun.com/Shared/assets/js/fffPactSafe.min.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/e49262fa-b96151326f4b0347943a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.183.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-183-19.compute-1.amazonaws.com
Software: Apache/2.4.48 /
Resource Hash: a18cff2d451ed9bf8cffa5d68ec1d3328708469aa98ff1a66c9b96d60978f511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 19:15:22 GMT
server: Apache/2.4.48
etag: "68d-5af4adb28d68d-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
accept-ranges: bytes
content-length: 744

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/091bf775-529d-4036-a445-3a322675c69c/ 16 KB
4 KB 57ms
27ms Script
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091bf775-529d-4036-a445-3a322675c69c/OtAutoBlock.js

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/e49262fa-b96151326f4b0347943a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72ff44ab1b2c08f5fa439c7a8df555b159a77470facf80a455287bc4b078695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WVM42g+5J2IaovBK4bvFhg==
age: 604
vary: Accept-Encoding
content-length: 3805
x-ms-lease-status: unlocked
last-modified: Wed, 12 May 2021 17:26:36 GMT
server: cloudflare
etag: 0x8D9156B18A53CAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 049ac661-901e-0071-386f-c9aadf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71404c89786501e3-ZRH
expires: Tue, 31 May 2022 18:11:28 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 55ms
25ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/e49262fa-b96151326f4b0347943a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2R9GKwuxJTUynP4on2KYxQ==
age: 6565
vary: Accept-Encoding
content-length: 6921
x-ms-lease-status: unlocked
last-modified: Tue, 31 May 2022 02:45:17 GMT
server: cloudflare
etag: 0x8DA42AF98DE1611
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2ef997eb-801e-0065-0c98-7469bb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71404c89786a01e3-ZRH

GET
DATA 200
OK truncated
/ 642 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d7d30d0b1f26136bdd31cc940f372df514925c59841b68f19ad89d292d0813a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 testimonial-desktop-9c2a470d0b31d04db574ead0fa76190d.jpg
scontent01.fabfitfun.com/gtb/cdn/static/ 179 KB
179 KB 171ms
171ms Image
image/jpeg 2600:9000:2156:c00:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/static/testimonial-desktop-9c2a470d0b31d04db574ead0fa76190d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9abefafd34a5bf7a436aee1871c7de23fd9d9f68fef033af02b60277cc381e36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 09 May 2022 21:40:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "f5737b90e6af2e7b15770ffc7996d27f"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: max-age=31556952,public,immutable
accept-ranges: bytes
content-length: 182930
x-amz-cf-id: s7I_eLKxSs-XqgJ2gyBcsuerAtYxCb9sl6-tXEwu-L7L1nOj5JzdNA==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: xf45okIUUuW42L5lx6Vr1r6BMlFh68SLHl41d1jBeW5OScCvSYHO/k9BKjKStlUSTsVzunaq6ge9VaV5z/twCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 31 May 2022 14:11:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-805503010

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e437aa50faecdc8953f5229b5593276469477e30a2a48d61d36ee91bd5a98cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57949
x-xss-protection: 0
last-modified: Tue, 31 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 May 2022 14:11:28 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 9ms
9ms Script
application/javascript 143.204.101.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-66.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:13:13 GMT
content-encoding: gzip
age: 1249096
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: MOujW0wX_46VzazyqQ0D1oqSryDX9_PYcrexAnzUfXNMUt-9s_IWSA==

GET
H2 200 hero-product-stacked-su22-2-1x1_1
res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,w_710/f_auto/q_auto/v1/prod/gtb/Hero/ 130 KB
130 KB 20ms
18ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,w_710/f_auto/q_auto/v1/prod/gtb/Hero/hero-product-stacked-su22-2-1x1_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

17447880c8e2134e3b329f9ff21d6819bdc8552c3305ba7001166720dffedb5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="hero-product-stacked-su22-2-1x1_1.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-05-31T14:11:28.904Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 133178
last-modified: Fri, 22 Apr 2022 15:52:15 GMT
server: Cloudinary
etag: "267c307fc37e84e48b11bc43b25f2e7f"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bestlife
res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_95,w_155/f_auto/q_auto/v1/prod/gtb/HIW/ 2 KB
3 KB 19ms
16ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_95,w_155/f_auto/q_auto/v1/prod/gtb/HIW/bestlife

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

44110162ab2260293897e440cc198d102ff47f3dcef78a878e8cabe40fbf4563

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="bestlife.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-31T14:11:28.904Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 2516
last-modified: Fri, 28 Jan 2022 19:51:27 GMT
server: Cloudinary
etag: "300830e786124e21a87149e74811e126"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bg-wave
res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Plans/ 1 KB
1 KB 19ms
17ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Plans/bg-wave

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

320c349e996c332ecd165bfe2c49114a75bf4e33e933ba88839d3a6e93c569f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="bg-wave.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-05-31T14:11:28.904Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 1164
last-modified: Wed, 01 Dec 2021 01:43:00 GMT
server: Cloudinary
etag: "4511a97bedaa76476066a01b0539fce9"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 official
res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_95,w_155/f_auto/q_auto/v1/prod/gtb/HIW/ 3 KB
3 KB 54ms
51ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_95,w_155/f_auto/q_auto/v1/prod/gtb/HIW/official

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b6a3db821178640d1dac756c4bddf26f13ada86db3eefa77786ffb8236ca1afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="official.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-31T14:11:28.905Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 2632
last-modified: Fri, 28 Jan 2022 19:51:27 GMT
server: Cloudinary
etag: "9718eae0afe68b450093f97528a7fa29"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pick
res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_95,w_155/f_auto/q_auto/v1/prod/gtb/HIW/ 2 KB
2 KB 52ms
51ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_95,w_155/f_auto/q_auto/v1/prod/gtb/HIW/pick

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5b60e8d17e321465c95f06c689cb197312741d68889dee7faa567bb905288219

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="pick.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-31T14:11:28.905Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 1764
last-modified: Fri, 28 Jan 2022 19:51:27 GMT
server: Cloudinary
etag: "c8474a919a6fd28894c39b63d3a7a8c7"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK new-members Show response
customize-api.fabfitfun.com/customize/campaigns/current/ 110 B
653 B 277ms
108ms XHR
application/json 35.169.238.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customize-api.fabfitfun.com/customize/campaigns/current/new-members
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.238.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-238-157.compute-1.amazonaws.com
Software: /
Resource Hash: ea4d1983e2f057260edd19635577183178c863b7c56d972662ae48f3c5b5efb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url
Content-Length: 110

GET
H/1.1 401
Unauthorized user-data Show response
universal-navigation-api.fabfitfun.com/menu/ 49 B
651 B 101ms
99ms Fetch
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

FFF-Auth: V1.1
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
WWW-Authenticate: Bearer realm="fff"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 49

OPTIONS
H/1.1 204
No Content user-data
universal-navigation-api.fabfitfun.com/menu/ Frame 0
0 99ms
99ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://universal-navigation-api.fabfitfun.com/menu/user-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,fff-auth
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:28 GMT

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
clientstream.launchdarkly.com/eval/5f90aeab892e740961596bba/ 2 KB
0 43ms
41ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5f90aeab892e740961596bba/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:28 GMT
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
94 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: get.exitintel.com
URL: https://get.exitintel.com/load.js?exitintelAccount=2983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 07:32:06 GMT
x-content-type-options: nosniff
age: 23962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95931
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 07:32:06 GMT

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame 23E3 1 KB
611 B 52ms
40ms Document
text/html 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recurly.com/js/v1/field.html

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 230
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 71404c8a9ffbcde3-CDG
content-encoding: gzip
content-type: text/html
date: Tue, 31 May 2022 14:11:29 GMT
etag: W/"628f99ed-4f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 31 May 2022 18:11:29 GMT
last-modified: Thu, 26 May 2022 15:17:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame 18E5 1 KB
611 B 48ms
38ms Document
text/html 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recurly.com/js/v1/field.html

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 230
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 71404c8a9ffacde3-CDG
content-encoding: gzip
content-type: text/html
date: Tue, 31 May 2022 14:11:29 GMT
etag: W/"628f99ed-4f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 31 May 2022 18:11:29 GMT
last-modified: Thu, 26 May 2022 15:17:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame 722C 1 KB
611 B 47ms
39ms Document
text/html 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recurly.com/js/v1/field.html

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 230
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 71404c8a9ff9cde3-CDG
content-encoding: gzip
content-type: text/html
date: Tue, 31 May 2022 14:11:29 GMT
etag: W/"628f99ed-4f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 31 May 2022 18:11:29 GMT
last-modified: Thu, 26 May 2022 15:17:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame F009 1 KB
705 B 40ms
35ms Document
text/html 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recurly.com/js/v1/field.html

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 230
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 71404c8a9ff8cde3-CDG
content-encoding: gzip
content-type: text/html
date: Tue, 31 May 2022 14:11:29 GMT
etag: W/"628f99ed-4f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 31 May 2022 18:11:29 GMT
last-modified: Thu, 26 May 2022 15:17:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 chevron.png
res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/ 654 B
845 B 18ms
17ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/chevron.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

84daa56e647b81934364aad5d750e9981bed70a3b69d4adb091378468c96d9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="chevron.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-31T14:11:29.052Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 654
last-modified: Wed, 01 Dec 2021 01:11:50 GMT
server: Cloudinary
etag: "d35cfc70c344183636dfb4d2c9645233"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chevron-disabled.png
res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/ 656 B
957 B 18ms
18ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/chevron-disabled.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

96179687fd74e6a3f6f7187f01d183a4d00ee25f491a741a78c3766e453e0691

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="chevron-disabled.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-05-31T14:11:29.052Z;desc=hit,rtt;dur=15
vary: Save-Data
content-length: 656
last-modified: Wed, 01 Dec 2021 01:11:50 GMT
server: Cloudinary
etag: "f71954245d89dff4c77ffc6afca92d12"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 pub6383f187afc62de28730102574f8ca45
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 150ms
149ms Ping
application/json 2600:1f18:24e6:b901:db60:f606:db80:b17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6383f187afc62de28730102574f8ca45?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&batch_time=1654006289048
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:db60:f606:db80:b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:29 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 a6170136-4755-4592-826f-3c85fc8fb6a7-test.json Show response
cdn.cookielaw.org/consent/a6170136-4755-4592-826f-3c85fc8fb6a7-test/ 3 KB
2 KB 90ms
62ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a6170136-4755-4592-826f-3c85fc8fb6a7-test/a6170136-4755-4592-826f-3c85fc8fb6a7-test.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db3eb18070eedf94f30c3b0708ae3cb5d26dec36dfb96cc36613f37456378aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: pKyTzXdcjonp5HHZTO38cQ==
content-length: 1296
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 18:37:21 GMT
server: cloudflare
etag: 0x8D8FB86831ED150
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2582b17a-201e-0068-74f8-7486b7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
cf-ray: 71404c8acb5f0211-ZRH

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 170ms
170ms XHR
text/html 54.69.55.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.55.17 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-55-17.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:29 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9cf89e599fcfe1a240b90836410b4ba9c0a865d42c718c31fd41c0e0219de33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bdfe9b2b2bee656f09dbef5112c4245378dff02793659ce4ab1ae9b45253b25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 155ms
154ms XHR
application/json 52.27.128.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.128.188 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-128-188.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fabfitfun.com
date: Tue, 31 May 2022 14:11:29 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=PageView&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&rl=https%3A%2F%2Ffabfitfun.com%2F&if=false&ts=1654006289203&sw=1600&sh=1200&v=2.9.61&r=stable&a=seg&ec=1&o=62&fbp=fb.1.1654006286079.1177823156&it=1654006287609&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 31 May 2022 14:11:29 GMT

GET
H2 200 fffvip Show response
api.recurly.com/js/v1/plans/ 2 KB
910 B 190ms
170ms XHR
application/json 104.16.113.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recurly.com/js/v1/plans/fffvip?version=4.21.0&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=d3tlmYIEXvJU2rsj&sessionId=kOFMnufHrf8REpFJ&instanceId=Ryjh8dn8wc1V5epG

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.113.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23998573260ee36663b9c7d31a63fd11386833980371f5bf84082ef660a68c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept
cf-cache-status: DYNAMIC
access-control-allow-origin: *
x-request-id: 71404c8ba9709974-FRA
server: cloudflare
etag: W/"23998573260ee36663b9c7d31a63fd11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 google
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 71404c8ba9709974-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 68ms
39ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 71404c8bcfa60221-ZRH
access-control-allow-headers: Content-Type

GET
H2 200 fffvip Show response
api.recurly.com/js/v1/plans/ 2 KB
487 B 193ms
178ms XHR
application/json 104.16.113.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recurly.com/js/v1/plans/fffvip?version=4.21.0&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=d3tlmYIEXvJU2rsj&sessionId=kOFMnufHrf8REpFJ&instanceId=Ryjh8dn8wc1V5epG

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.113.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23998573260ee36663b9c7d31a63fd11386833980371f5bf84082ef660a68c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept
cf-cache-status: DYNAMIC
access-control-allow-origin: *
x-request-id: 71404c8ba9739974-FRA
server: cloudflare
etag: W/"23998573260ee36663b9c7d31a63fd11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 google
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 71404c8ba9739974-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With

OPTIONS
H/1.1 204
No Content new-members
customize-api.fabfitfun.com/customize/questions/campaigns/68/ Frame 0
0 397ms
101ms Preflight
text/plain 35.169.238.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customize-api.fabfitfun.com/customize/questions/campaigns/68/new-members
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.238.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-238-157.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Tue, 31 May 2022 14:11:29 GMT

POST
H/1.1 200
OK new-members Show response
customize-api.fabfitfun.com/customize/questions/campaigns/68/ 48 KB
49 KB 110ms
109ms XHR
application/json 35.169.238.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customize-api.fabfitfun.com/customize/questions/campaigns/68/new-members
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.238.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-238-157.compute-1.amazonaws.com
Software: /
Resource Hash: e522b65ed788de9ea0529bd093f789186fc168f412755d1f5e9440ebfe95d702

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame F009 567 KB
162 KB 34ms
34ms Script
application/javascript 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.recurly.com/hosted-field/v1/hosted-field.js

Requested by

Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048ab56b8ee40bc8ee7b8bf53db6749d61c2843752a229a12272c6a9ca8661f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3089
last-modified: Mon, 23 May 2022 16:06:57 GMT
server: cloudflare
etag: W/"628bb121-8dac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 71404c8ba94fcde3-CDG
expires: Tue, 31 May 2022 18:11:29 GMT

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame 18E5 567 KB
162 KB 34ms
34ms Script
application/javascript 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.recurly.com/hosted-field/v1/hosted-field.js

Requested by

Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048ab56b8ee40bc8ee7b8bf53db6749d61c2843752a229a12272c6a9ca8661f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3089
last-modified: Mon, 23 May 2022 16:06:57 GMT
server: cloudflare
etag: W/"628bb121-8dac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 71404c8bb952cde3-CDG
expires: Tue, 31 May 2022 18:11:29 GMT

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame 722C 567 KB
162 KB 33ms
33ms Script
application/javascript 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.recurly.com/hosted-field/v1/hosted-field.js

Requested by

Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048ab56b8ee40bc8ee7b8bf53db6749d61c2843752a229a12272c6a9ca8661f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3089
last-modified: Mon, 23 May 2022 16:06:57 GMT
server: cloudflare
etag: W/"628bb121-8dac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 71404c8bb954cde3-CDG
expires: Tue, 31 May 2022 18:11:29 GMT

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame 23E3 567 KB
162 KB 53ms
53ms Script
application/javascript 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.recurly.com/hosted-field/v1/hosted-field.js

Requested by

Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

048ab56b8ee40bc8ee7b8bf53db6749d61c2843752a229a12272c6a9ca8661f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3089
last-modified: Mon, 23 May 2022 16:06:57 GMT
server: cloudflare
etag: W/"628bb121-8dac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 71404c8bb958cde3-CDG
expires: Tue, 31 May 2022 18:11:29 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 162ms
161ms XHR
text/html 54.69.55.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.55.17 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-55-17.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:29 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 2983 Show response
cdn2.exitintel.com/api/v1/pub/ 479 KB
21 KB 150ms
119ms Script
application/javascript 2600:9000:2156:1200:6:8b80:1140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.exitintel.com/api/v1/pub/2983?callback=exitintel.campaign.campaignsFileLoaded
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1200:6:8b80:1140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 489491d44131f7fb6d0c0fdc318fa30c22cc3acc36b0175ad1792a18ebca4bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:10:43 GMT
via: 1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age: 46
x-amzn-requestid: 718cc508-ef39-4e5b-8239-f06f847a4afc
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform,public,max-age=120
x-amzn-trace-id: Root=1-629621e3-209804cb1a716dca0f524038
access-control-allow-headers: *
x-amz-cf-pop: IAD89-C3, FRA50-C1
content-encoding: br
x-amz-apigw-id: S_o7oHL0oAMF-fg=
x-amz-cf-id: b5YX9mxA8ITKl1TNUfeqHB7o4vq5hMuXlzvykbwakxjhFtlLHpZaMA==

POST
H2 200 pub6383f187afc62de28730102574f8ca45
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 143ms
143ms Ping
application/json 2600:1f18:24e6:b901:db60:f606:db80:b17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6383f187afc62de28730102574f8ca45?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&batch_time=1654006289251
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:db60:f606:db80:b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:29 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 24ms
21ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 19411395
vary: Accept-Encoding
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bcc806bd-a01e-017d-436c-c4027b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71404c8c0ce101e3-ZRH

GET
H3 200 css
fonts.googleapis.com/ Frame 18E5 2 KB
511 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/hosted-field/v1/hosted-field.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e9fb716062ce52c34ff4ceae4d8dc05610d1d943134441f1dec3d280295a090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 13:04:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:29 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=Microdata&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&rl=https%3A%2F%2Ffabfitfun.com%2F&if=false&ts=1654006289334&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22FabFitFun%20-%20Beauty%2C%20Fitness%2C%20Lifestyle%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&a=seg&ec=2&o=62&fbp=fb.1.1654006286079.1177823156&it=1654006287609&coo=false&es=automatic&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 31 May 2022 14:11:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F009 2 KB
511 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/hosted-field/v1/hosted-field.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e9fb716062ce52c34ff4ceae4d8dc05610d1d943134441f1dec3d280295a090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 14:05:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 23E3 2 KB
511 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/hosted-field/v1/hosted-field.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e9fb716062ce52c34ff4ceae4d8dc05610d1d943134441f1dec3d280295a090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 13:52:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 722C 2 KB
511 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans

Requested by

Host: js.recurly.com
URL: https://js.recurly.com/hosted-field/v1/hosted-field.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e9fb716062ce52c34ff4ceae4d8dc05610d1d943134441f1dec3d280295a090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 13:37:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 14:11:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 14:11:29 GMT

GET
H3 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ Frame 18E5 17 KB
17 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.recurly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:01:52 GMT
x-content-type-options: nosniff
age: 83377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 15:01:52 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a6170136-4755-4592-826f-3c85fc8fb6a7-test/506b5a71-aa05-4a86-a06c-f5a4b3f31554/ 45 KB
9 KB 52ms
52ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a6170136-4755-4592-826f-3c85fc8fb6a7-test/506b5a71-aa05-4a86-a06c-f5a4b3f31554/en.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18217485959e8112af8bc4f42f4bf9d2f3eeae74830b497e819f79423afb04bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: Nw7XWzXP2sUk6Mjvg/+umA==
content-length: 9384
x-ms-lease-status: unlocked
last-modified: Fri, 09 Apr 2021 18:37:27 GMT
server: cloudflare
etag: 0x8D8FB8686B990C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: aa4a3de2-901e-0131-70f8-74c564000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
cf-ray: 71404c8cce910211-ZRH

GET
H3 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ Frame F009 17 KB
17 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.recurly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:01:52 GMT
x-content-type-options: nosniff
age: 83377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 15:01:52 GMT

GET
H3 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ Frame 23E3 17 KB
17 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.recurly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:01:52 GMT
x-content-type-options: nosniff
age: 83377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 15:01:52 GMT

GET
H3 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ Frame 722C 17 KB
17 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://api.recurly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 15:01:52 GMT
x-content-type-options: nosniff
age: 83377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 15:01:52 GMT

GET
H/1.1 200
OK geolocate Show response
j576j5dsib.execute-api.us-east-1.amazonaws.com/prod/custom/common/ 191 B
679 B 366ms
333ms Script
text/javascript 143.204.98.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://j576j5dsib.execute-api.us-east-1.amazonaws.com/prod/custom/common/geolocate?callback=jQuery111206217397553782942_1654006289230&_=1654006289231
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-118.fra50.r.cloudfront.net
Software: /
Resource Hash: b2eddf3ace0ca350190881a756a2fc2ec8fbc1a01b67471ef8f559545bf7fe1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:29 GMT
Via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
x-amzn-RequestId: 98d127bb-b0ec-4783-b665-113cdccaf475
X-Cache: Miss from cloudfront
Content-Type: text/javascript
X-Amzn-Trace-Id: Root=1-62962211-6c1fb5505b9055772c2c0d50;Sampled=0
Connection: keep-alive
x-amz-apigw-id: S_pCyEoAIAMFy-g=
Content-Length: 191
X-Amz-Cf-Id: N7D7fm2ABejKydeO5MRzUC8pmr7inTcDkWmBtH88AnDKtphhv8Y8dg==

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 10 KB
3 KB 56ms
56ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFloatingRoundedCorner.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21818bca42a3202e4b46be64251ec2f3552487db68b8129a15c550c3943fa7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +qzcdQca4EjZqiNWotmnyQ==
vary: Accept-Encoding
content-length: 2568
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:49 GMT
server: cloudflare
etag: 0x8D910C5740AD956
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 96baedc2-b01e-0000-636c-c4d8e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71404c8da81d0211-ZRH

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 47 KB
11 KB 99ms
99ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcPanel.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65f44091d958bd6814ec918fd37cffaced53f8645db09447b8593d29bc3e1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HmR0GGwT5MYJ03Euoytx0g==
vary: Accept-Encoding
content-length: 11510
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:50 GMT
server: cloudflare
etag: 0x8D910C574A02F63
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0a618b38-e01e-0153-6d6c-c482bc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 71404c8da81e0211-ZRH

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 185ms
185ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://fabfitfun.com
date: Tue, 31 May 2022 14:11:29 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f27ce19e9a4d161e1dac159a428d23ce1108c1a62900f47fed4d09e69b23333

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK fa-arrow-right.svg
s3.amazonaws.com/dev-abtesting-assets/winter_master_2020/img/ 1 KB
2 KB 119ms
119ms Image
image/svg+xml 52.217.101.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/dev-abtesting-assets/winter_master_2020/img/fa-arrow-right.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.101.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c1a268fd355da5205bb049f753b73a62793eda57394dab70e8d5982bd499692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:30 GMT
Last-Modified: Fri, 16 Oct 2020 19:05:22 GMT
Server: AmazonS3
x-amz-request-id: ZQB8DE14W81TFZC0
ETag: "02e2d6fbdbd8d3205c022d94bee75fbe"
Content-Type: image/svg+xml
Content-Disposition: attachment
Accept-Ranges: bytes
Content-Length: 1144
x-amz-id-2: hl2M2XAlti1sk4zZ6BtXPd6zxXykjn+zjH2E6sUiPgSXbLPRriAgQSVfESdvTWFxkhojSKnt8+M=

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b22f24095cebf04cc720b33497fa7e4e6f17c20f5373c620e934ef3fc9217e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70d5e2f3da8ebb1d896cc0d6891ab3a124ebce6cd7feb3519d24d11c68164b84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3c32a8c6f75d7f2dc3c8bcbfcdf8dc6bebd5a5114e8ccf29cf22ed7036f0bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3083f0b113d8bddef0b6ead5d84d21c8753a4442eef63ec0f4326c96911d9f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fc92abb9815563690cd472d891ec96e3d3a7d3e6e173131ab836679bd3bbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e16853aed2895cb808fee0d4fc80d7a892e5a5af7a2e93a67cda475786888a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
182 B 658ms
187ms XHR
application/json 2600:1f18:24e6:b901:2220:8eb4:de68:db12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=3.11.0&dd-evp-origin=browser&dd-request-id=e62e7b52-5209-403d-a0c8-c66746fed35d
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:2220:8eb4:de68:db12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 0f937dfc65eac757d97ab03c00054cffa482a0108d4e46d70297676e83811a49

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8kH5PSUE8rjvisrY

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:30 GMT
cross-origin-resource-policy: cross-origin
content-length: 53
content-type: application/json

GET
H2 200 confetti.browser.min.js Show response
cdn.jsdelivr.net/npm/canvas-confetti@1.4.0/dist/ 7 KB
4 KB 49ms
21ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/canvas-confetti@1.4.0/dist/confetti.browser.min.js

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f3d22f12d07be903b8f4756763e691561d9b6f1f3bc47b300f8dd0766a2d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 14:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6151781
x-jsd-version: 1.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1d28-hu0ICzmFzSYEv6hkBIr/hqATiNU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is6nvUNCb0UhvXD4zyZR0SNVOeXCGvmo1cVKQDp14L%2Bq0jA7GV2yLVL7AFSMCEdHx6h76gwYBHGoHCNKpajTl3GsIQRXNcvKBl3ayFTfDCqL26YKpPbsgNWcDoKxS4yIuRuXis%2BJMWzsQnWrF4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71404c901f11021d-ZRH

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1395492123&t=event&ni=1&_s=2&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&dp=%2Fget-the-box&ul=en-us&de=UTF-8&dt=FabFitFun%20-%20Beauty%2C%20Fitness%2C%20Lifestyle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Exit%20Intel&ea=Configuration&el=All%20campaigns&ev=0&_u=SDCAgEAB~&jid=&gjid=&cid=755578010.1654006286&tid=UA-15829841-1&_gid=1712319525.1654006286&gtm=2wg5p16N92&z=453945961

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 May 2022 14:41:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Samara_Shoulder_Bag_Pink_SAA_FA_001_0938_360x408_bfd4ece98b.jpg
static.fabfitfun.com/cms/ 28 KB
28 KB 71ms
21ms Image
image/jpeg 2600:9000:2156:3400:b:d158:c180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fabfitfun.com/cms/Samara_Shoulder_Bag_Pink_SAA_FA_001_0938_360x408_bfd4ece98b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3400:b:d158:c180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2474a3dab6ec273fd83559c1a700c7ea6526cdbda9b3c3fe96cc57c0df405e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 06:56:45 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Apr 2022 07:28:03 GMT
server: AmazonS3
age: 26086
etag: "2ebfefd39e5903fafef23e832f5f4f51"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 28384
x-amz-cf-id: ZoV_AVMKDPqzHlG3yk9YT-rA7vvWzT7tU-b62TFfiBNzXXLORME92Q==

GET
H2 200 Free_People_Bralette_L_XL_FPL_FA_001_PNK_LXL_0305_2_82bce121f6.jpg
static.fabfitfun.com/cms/ 17 KB
17 KB 63ms
13ms Image
image/jpeg 2600:9000:2156:3400:b:d158:c180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fabfitfun.com/cms/Free_People_Bralette_L_XL_FPL_FA_001_PNK_LXL_0305_2_82bce121f6.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3400:b:d158:c180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cffcd5e5786f6213f4534a2a72e966597697cbda1d57ea74c0f8e423f7723a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 02:55:18 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Apr 2022 21:30:31 GMT
server: AmazonS3
age: 40573
etag: "bc7143287be71ba0515e0658f32ca2e3"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17372
x-amz-cf-id: vatyXHSJRtjYt9q5QlyUwCXrtySU_b8Ge-QrBHkjA_nOtIf8avx3TA==

GET
H2 200 fenty_full_frontal_volume_lift_and_curl_mascara_su22_2_1_360x408_49eaaae347.jpg
static.fabfitfun.com/cms/ 10 KB
10 KB 67ms
17ms Image
image/jpeg 2600:9000:2156:3400:b:d158:c180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fabfitfun.com/cms/fenty_full_frontal_volume_lift_and_curl_mascara_su22_2_1_360x408_49eaaae347.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3400:b:d158:c180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a4061675d5e7d1757c0d57f521566360000519e18a7ca3e08fff08a9306cc3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 04:38:46 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Apr 2022 20:42:44 GMT
server: AmazonS3
age: 34365
etag: "9412980176263f3f5f3d249a9bf59569"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9887
x-amz-cf-id: 8Ru3E0HX0sJd2FRi4M4FKsKhSnwzez5XyBOjkOPr7AtDZNIwPy0c7A==

GET
BLOB 200
OK d877a0cb-a971-468f-b3d7-72b15f57b81b
https://fabfitfun.com/ 7 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://fabfitfun.com/d877a0cb-a971-468f-b3d7-72b15f57b81b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dfc67da32a0bd7106b8cd7b016c5d76e6065b853b9b1d7dd581d6b7486108e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length: 7605

POST
H2 200 pub6383f187afc62de28730102574f8ca45
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 266ms
265ms Ping
application/json 2600:1f18:24e6:b901:db60:f606:db80:b17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub6383f187afc62de28730102574f8ca45?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aprod%2Cservice%3Agtb-checkout&batch_time=1654006290028
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:db60:f606:db80:b17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 31 May 2022 14:11:30 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

POST
H2 202 5f90aeab892e740961596bba Show response
events.launchdarkly.com/events/bulk/ 0
344 B 141ms
141ms XHR
application/json 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f90aeab892e740961596bba

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 91a81190-e0eb-11ec-b6c2-bdf42210bd7e
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json
Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2

Response headers

date: Tue, 31 May 2022 14:11:30 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5f90aeab892e740961596bba
events.launchdarkly.com/events/bulk/ Frame 0
0 99ms
99ms Preflight 34.234.23.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f90aeab892e740961596bba

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.23.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-23-220.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 31 May 2022 14:11:30 GMT
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK /
betastats.exitintel.com/ 43 B
189 B 414ms
100ms Image
image/gif 3.231.48.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://betastats.exitintel.com/?aId=2983&vId=0a8580d0-080d-4c04-b549-28b478a061ff&sId=98736b39-7dea-4e19-9d9b-ca9920fc520f&ref=https%3A%2F%2Ffabfitfun.com%2F&cId=default&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&e[0][t]=p%2Cv&_t=1654006290903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.48.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-48-201.compute-1.amazonaws.com
Software: nginx/1.8.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 14:11:31 GMT
Server: nginx/1.8.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 217ms
217ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://fabfitfun.com
date: Tue, 31 May 2022 14:11:31 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invitation-api.fabfitfun.com
URL: https://invitation-api.fabfitfun.com/invites/users/self/active/count

Domain: clientstream.launchdarkly.com
URL: https://clientstream.launchdarkly.com/eval/5fb6c61b31c9750997aef3f3/eyJrZXkiOiJhbm9ueW1vdXMifQ

Domain: api.segment.io
URL: https://api.segment.io/v1/p

Domain: api.amplitude.com
URL: https://api.amplitude.com/

Domain: api.segment.io
URL: https://api.segment.io/v1/t

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=4031595&Ver=2&mid=62b7f57b-d5e7-4f85-8fa3-9c2b662b9d1a&sid=8eae35d0e0eb11ecab1f5784f8470cdc&vid=8eae3570e0eb11ecb2b63375caea80b8&vids=1&evt=pageHide

Domain: d.clarity.ms
URL: https://d.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 03:28:12	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.fabfitfun.com/	1970-01-20 03:26:48	Name: sm_session_info Value: {%22sessionId%22:%2251f0fb1a-6dca-47c2-9e19-16bd37971fa4%22%2C%22sessionCreationDate%22:%222022-05-31T14:11:25.444Z%22}
.fabfitfun.com/	1970-01-20 05:36:22	Name: _gcl_au Value: 1.1.383624995.1654006286
.fabfitfun.com/	1969-12-31 23:59:59	Name: amplitude_idundefinedfabfitfun.com Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.bing.com/	1970-01-20 12:48:22	Name: MUID Value: 23A3452093CA68290EEE549592186904
.fabfitfun.com/	1970-01-20 20:57:58	Name: _ga Value: GA1.2.755578010.1654006286
.fabfitfun.com/	1970-01-20 03:28:12	Name: _gid Value: GA1.2.1712319525.1654006286
.fabfitfun.com/	1970-01-20 03:26:46	Name: _dc_gtm_UA-15829841-1 Value: 1
.w55c.net/	1970-01-20 12:56:10	Name: wfivefivec Value: MtAUBsW41NW2AJ2
.fabfitfun.com/	1970-01-20 04:09:58	Name: lantern Value: 91202879-c1fd-4a16-b78a-a6b81b9777d1
.roeye.com/	1970-01-20 20:57:58	Name: FabFitFunUS_lantern Value: 91202879-c1fd-4a16-b78a-a6b81b9777d1
.doubleclick.net/	1970-01-20 12:48:22	Name: IDE Value: AHWqTUn8kbroFjCn2SFbruhsCWY_EbKsK0ITTBXV3B6v0Gg7tv28RWFrBKoh94DnUcU
.tiktok.com/	1970-01-20 12:48:22	Name: _ttp Value: 29vvHYCqLxIyoDeKMTvaTKaixOr
.fabfitfun.com/	1970-01-20 05:36:22	Name: _fbp Value: fb.1.1654006286079.1177823156
.fabfitfun.com/	1970-01-20 12:48:22	Name: _tt_enable_cookie Value: 1
.fabfitfun.com/	1970-01-20 12:48:22	Name: _ttp Value: 6b1e611e-2d8b-4c99-a6e0-500ae15adaad
www.clarity.ms/	1970-01-20 12:12:22	Name: CLID Value: 50835b035ef14ae3949df2bd3171be41.20220531.20230531
.facebook.com/	1970-01-20 05:36:22	Name: fr Value: 0Ma2NXDFR5e9k0wL2..BiliIO...1.0.BiliIO.
ads.avct.cloud/	1970-01-20 12:12:22	Name: uuid Value: 7151323c-cb0d-4341-8dce-2737e57c9527
.fabfitfun.com/	1970-01-20 12:12:22	Name: _clck Value: 1lg23tr\|1\|f1x\|0
.c.bing.com/	1970-01-20 12:48:22	Name: SRM_B Value: 23A3452093CA68290EEE549592186904
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:48:22	Name: MUID Value: 23A3452093CA68290EEE549592186904
.c.clarity.ms/	1970-01-20 03:26:46	Name: ANONCHK Value: 0
.fabfitfun.com/	1970-01-20 12:12:22	Name: ajs_anonymous_id Value: %2276c5d386-ac76-45cc-b993-066fe4571f96%22
.fabfitfun.com/	1970-01-20 03:28:12	Name: _uetsid Value: 8eae35d0e0eb11ecab1f5784f8470cdc
.fabfitfun.com/	1970-01-20 12:48:22	Name: _uetvid Value: 8eae3570e0eb11ecb2b63375caea80b8
fabfitfun.com/	1970-01-20 20:57:58	Name: _tq_id.TV-45633636-1.b0b8 Value: c7115c97c8de2b36.1654006286.0.1654006288..
.fabfitfun.com/	1970-01-20 12:12:22	Name: _hjSessionUser_306880 Value: eyJpZCI6IjE4YzIyYjM1LWZhYzUtNTE5Ny1iOTMwLWFiZmJmNjZmNDg2YiIsImNyZWF0ZWQiOjE2NTQwMDYyODc3NzMsImV4aXN0aW5nIjpmYWxzZX0=
.fabfitfun.com/	1970-01-20 03:26:48	Name: _hjFirstSeen Value: 1
fabfitfun.com/	1970-01-20 03:26:46	Name: _hjIncludedInSessionSample Value: 0
.fabfitfun.com/	1970-01-20 03:26:48	Name: _hjSession_306880 Value: eyJpZCI6ImY2ZjBmNGMxLTBkZjEtNGVhYi1hMjc3LTQwYzAzZTMzY2VkMiIsImNyZWF0ZWQiOjE2NTQwMDYyODc4MTIsImluU2FtcGxlIjpmYWxzZX0=
.fabfitfun.com/	1970-01-20 03:26:48	Name: _hjAbsoluteSessionInProgress Value: 0
.fabfitfun.com/	1970-01-20 03:28:12	Name: _clsk Value: 1pa28yn\|1654006288449\|2\|1\|d.clarity.ms/collect
fabfitfun.com/	1970-01-20 03:26:47	Name: _dd_s Value: rum=1&id=9fd909dc-73ff-43c8-8cc6-1665c2a4103d&created=1654006287583&expire=1654007188649&logs=1
abtesting.fabfitfun.com/	1970-01-20 03:36:51	Name: AWSALB Value: I09LTMcIf78TG6wF+VCxYk8eHpfPyvxLElWaG0Qo4AKFZHmzVQ9T0taR5Jbqo4AxhK0Xc5zs8eiatHu/g7GM8Mr97eYlxXmJEpd9rxUobDG6d31CCnjl3wG9Dy1w
abtesting.fabfitfun.com/	1970-01-20 03:36:51	Name: AWSALBCORS Value: I09LTMcIf78TG6wF+VCxYk8eHpfPyvxLElWaG0Qo4AKFZHmzVQ9T0taR5Jbqo4AxhK0Xc5zs8eiatHu/g7GM8Mr97eYlxXmJEpd9rxUobDG6d31CCnjl3wG9Dy1w
.fabfitfun.com/	1970-01-23 19:02:46	Name: amplitude_id_caa6506e713bcb4ae1f30df83e37adc3fabfitfun.com Value: eyJkZXZpY2VJZCI6IjZhYzA2ZjBmLTJkMjYtNDY1ZS05NjQyLTgxZDhlY2M5Yjc4ZlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY1NDAwNjI4NTY4MiwibGFzdEV2ZW50VGltZSI6MTY1NDAwNjI4OTIwNSwiZXZlbnRJZCI6MywiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjR9
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_ver Value: 2
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_cfg Value: %7B%22se%22%3A%22cookie-domain%22%7D
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_vid Value: 0a8580d0-080d-4c04-b549-28b478a061ff
.fabfitfun.com/	1969-12-31 23:59:59	Name: exitintel_sid Value: 98736b39-7dea-4e19-9d9b-ca9920fc520f
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_vc Value: 1
.fabfitfun.com/	1969-12-31 23:59:59	Name: exitintel_ref Value: https%3A%2F%2Ffabfitfun.com%2F
.fabfitfun.com/	1969-12-31 23:59:59	Name: exitintel_pvc Value: 1
.fabfitfun.com/	1969-12-31 23:59:59	Name: exitintel_lp Value: https%3A%2F%2Ffabfitfun.com%2Fget-the-box
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_prf Value: %7B%22gatheredData%22%3A%7B%7D%2C%22achivedGoals%22%3A%7B%7D%7D
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_cs Value: %5B%5D
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_cc Value: %5B%5D
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_cd Value: %5B%5D
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_cv Value: %5B%5D
.fabfitfun.com/	1970-01-21 23:14:46	Name: exitintel_cfid Value: default
fabfitfun.com/	1970-01-20 12:12:22	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+May+31+2022+14%3A11%3A29+GMT%2B0000+(GMT)&version=6.16.0&hosts=&landingPath=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://fabfitfun.com/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15829841-1&cid=755578010.1654006286&jid=2026594026&_u=YGBAgEABAAAAAE~&z=1805432445' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
security	error	URL: https://fabfitfun.com/ Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-user-list/805503010/?random=1654006285738&cv=9&fst=1654005600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&async=1&fmt=3&is_vtc=1&random=3868943787&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
security	error	URL: https://fabfitfun.com/ Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-user-list/805470366/?random=1654006285741&cv=9&fst=1654005600000&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2F&tiba=FabFitFun&async=1&fmt=3&is_vtc=1&random=1528183950&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
security	error	URL: https://bat.bing.com/p/action/4031595.js(Line 2) Message: [Report Only] Refused to load the script 'https://www.clarity.ms/tag/uet/4031595' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .fabfitfun.com .recurly.com .amazonaws.com .ada.support www.dwin1.com .google-analytics.com .doubleclick.net www.googleadservices.com www.googletagmanager.com .hcaptcha.com hcaptcha.com .exitintel.com .facebook.net .facebook.com .tiktok.com .cookielaw.org .segment.com .tvsquared.com .onetrust.com .adsrvr.org sc-static.net .zdassets.com .crrnt.app .pixlee.com .roeyecdn.com .amplitude.com .bing.com .googleapis.com .exitintel.com .jsdelivr.net .datadoghq-browser-agent.com .gladly.com .braintreegateway.com .paypal.com .cloudflare.com *.hotjar.com blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.clarity.ms/tag/uet/4031595 Message: [Report Only] Refused to load the script 'https://d.clarity.ms/s/0.6.34/clarity.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .fabfitfun.com .recurly.com .amazonaws.com .ada.support www.dwin1.com .google-analytics.com .doubleclick.net www.googleadservices.com www.googletagmanager.com .hcaptcha.com hcaptcha.com .exitintel.com .facebook.net .facebook.com .tiktok.com .cookielaw.org .segment.com .tvsquared.com .onetrust.com .adsrvr.org sc-static.net .zdassets.com .crrnt.app .pixlee.com .roeyecdn.com .amplitude.com .bing.com .googleapis.com .exitintel.com .jsdelivr.net .datadoghq-browser-agent.com .gladly.com .braintreegateway.com .paypal.com .cloudflare.com *.hotjar.com blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://fabfitfun.com/ Message: [Report Only] Refused to load the image 'https://c.clarity.ms/c.gif' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://d.clarity.ms/s/0.6.34/clarity.js(Line 1) Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://fabfitfun.com/ Message: [Report Only] Refused to load the image 'https://c.clarity.ms/c.gif?CtsSyncId=D857DF10A58C46BEA0A01935118E0EA2&MUID=23A3452093CA68290EEE549592186904' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://login-api.fabfitfun.com/login/verify-cookie Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://homepage-api.fabfitfun.com/web-cards?limit=18 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://homepage-api.fabfitfun.com/seasonal-timelines Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://homepage-api.fabfitfun.com/box-status Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://bat.bing.com/bat.js Message: [Report Only] Refused to connect to 'https://bat.bing.com/actionp/0?ti=4031595&Ver=2&mid=62b7f57b-d5e7-4f85-8fa3-9c2b662b9d1a&sid=8eae35d0e0eb11ecab1f5784f8470cdc&vid=8eae3570e0eb11ecb2b63375caea80b8&vids=1&evt=pageHide' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://bat.bing.com/bat.js Message: [Report Only] Refused to connect to 'https://bat.bing.com/actionp/0?ti=4031595&Ver=2&mid=62b7f57b-d5e7-4f85-8fa3-9c2b662b9d1a&sid=8eae35d0e0eb11ecab1f5784f8470cdc&vid=8eae3570e0eb11ecb2b63375caea80b8&vids=1&evt=pageHide' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://d.clarity.ms/s/0.6.34/clarity.js(Line 1) Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://d.clarity.ms/s/0.6.34/clarity.js(Line 1) Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://fabfitfun.com/get-the-box Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-user-list/805470366/?random=1654006287568&cv=9&fst=1654005600000&num=1&label=3-G2CJeo3e4BEJ6BioAD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMC3Wxb1exkHMHMMAl3luu3qepNbck_4kXZ0s1OmmlsOns038h&random=552081264&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
security	error	URL: https://fabfitfun.com/get-the-box Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-conversion/805503010/?random=1173127727&cv=9&fst=1654006287569&num=1&value=0&label=JNb-COqwsNcBEKKAjIAD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYv7OI4mJlgSPjLvYBw&cid=CAQSKQCNIrLMsp8RGUjExDGKnVuEGR9T0HrFmtEGYsOkydrbmQvLbO1JnP-8&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WEuE2u_KXnwMBwQRiN5T3UmrRKOGvVfysw&random=665776620&resp=GooglemKTybQhCsO&ipr=y&prhg=0' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
security	error	URL: https://fabfitfun.com/get-the-box Message: [Report Only] Refused to load the image 'https://www.google.de/pagead/1p-conversion/994993128/?random=150700584&cv=9&fst=1654006287575&num=1&value=0&label=0TKbCJP7yI4DEOjHudoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5p1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box&ref=https%3A%2F%2Ffabfitfun.com%2F&auid=383624995.1654006286&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=DyKWYuX8I9allgTp-YyoDQ&cid=CAQSKQCNIrLM9eIXFnAnD98lKXnnar3fEHP_9IuKSZpqlTIWhAkWANIp1Zp_&eitems=ChAI8PnWlAYQhJzjjNmbkIl3Eh0ANWH2WLNc9qXhs3FTqXeEHV59alBI2ay4PqZDZw&random=2151093921&resp=GooglemKTybQhCsO&ipr=y&prhg=0' because it violates the following Content Security Policy directive: "img-src 'self' .fabfitfun.com .google-analytics.com .discourse.org .cloudinary.com .w55c.net .adxcel-ec2.com .facebook.com .hcaptcha.com .amazonaws.com .doubleclick.net .roeye.com .bing.com .google.com .scorecardresearch.com .tvsquared.com .twitter.com .exitintel.com .googleadservices.com .media.net .smartclip.net data:".
network	error	URL: https://id.rlcdn.com/710764.gif?cparams=uuid=7151323c-cb0d-4341-8dce-2737e57c9527 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://bat.bing.com/p/action/4031595.js(Line 2) Message: [Report Only] Refused to load the script 'https://www.clarity.ms/tag/uet/4031595' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .fabfitfun.com .recurly.com .amazonaws.com .ada.support www.dwin1.com .google-analytics.com .doubleclick.net www.googleadservices.com www.googletagmanager.com .hcaptcha.com hcaptcha.com .exitintel.com .facebook.net .facebook.com .tiktok.com .cookielaw.org .segment.com .tvsquared.com .onetrust.com .adsrvr.org sc-static.net .zdassets.com .crrnt.app .pixlee.com .roeyecdn.com .amplitude.com .bing.com .googleapis.com .exitintel.com .jsdelivr.net .datadoghq-browser-agent.com .gladly.com .braintreegateway.com .paypal.com .cloudflare.com *.hotjar.com blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.clarity.ms/tag/uet/4031595 Message: [Report Only] Refused to load the script 'https://d.clarity.ms/s/0.6.34/clarity.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .fabfitfun.com .recurly.com .amazonaws.com .ada.support www.dwin1.com .google-analytics.com .doubleclick.net www.googleadservices.com www.googletagmanager.com .hcaptcha.com hcaptcha.com .exitintel.com .facebook.net .facebook.com .tiktok.com .cookielaw.org .segment.com .tvsquared.com .onetrust.com .adsrvr.org sc-static.net .zdassets.com .crrnt.app .pixlee.com .roeyecdn.com .amplitude.com .bing.com .googleapis.com .exitintel.com .jsdelivr.net .datadoghq-browser-agent.com .gladly.com .braintreegateway.com .paypal.com .cloudflare.com *.hotjar.com blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://customize-api.fabfitfun.com/customize/v1/public/campaign-state/users/null Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://universal-navigation-api.fabfitfun.com/menu/user-data Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".
security	error	URL: https://www.datadoghq-browser-agent.com/datadog-rum-v3.js Message: [Report Only] Refused to connect to 'https://d.clarity.ms/collect' because it violates the following Content Security Policy directive: "connect-src 'self' .fabfitfun.com .browser-intake-datadoghq.com api.recurly.com .segment.io .launchdarkly.com .logs.datadoghq.com .cookielaw.org .optimizely.com .launchdarkly.com .ada.support .doubleclick.net ekr.zdassets.com .zendesk.com .hcaptcha.com wss://.zopim.com .pixlee.com .tiktok.com .amplitude.com .paypal.com .braintree-api.com .onetrust.com www.google-analytics.com pactsafe.io .gladly.com *.hotjar.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8168391.fls.doubleclick.net
abtesting.fabfitfun.com
ads.avct.cloud
ads.avocet.io
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.tiktok.com
api.amplitude.com
api.recurly.com
api.segment.io
app.launchdarkly.com
bat.bing.com
betastats.exitintel.com
c.bing.com
c.clarity.ms
cdn.amplitude.com
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.optimizely.com
cdn.segment.com
cdn2.exitintel.com
clientstream.launchdarkly.com
collector-5366.tvsquared.com
connect.facebook.net
content.fabfitfun.com
customize-api.fabfitfun.com
d.clarity.ms
events.launchdarkly.com
fabfitfun.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
get.exitintel.com
googleads.g.doubleclick.net
hcaptcha.com
homepage-api.fabfitfun.com
id.rlcdn.com
insight.adsrvr.org
invitation-api.fabfitfun.com
j576j5dsib.execute-api.us-east-1.amazonaws.com
js.adsrvr.org
js.crrnt.app
js.recurly.com
lantern.roeye.com
lantern.roeyecdn.com
localization-api.fabfitfun.com
login-api.fabfitfun.com
pixel-a.basis.net
pixel.sitescout.com
res.cloudinary.com
rum-http-intake.logs.datadoghq.com
s3.amazonaws.com
sc-static.net
scontent01.fabfitfun.com
script.hotjar.com
session-replay.browser-intake-datadoghq.com
static.fabfitfun.com
static.hotjar.com
stats.g.doubleclick.net
tags.w55c.net
universal-navigation-api.fabfitfun.com
vars.hotjar.com
www.clarity.ms
www.datadoghq-browser-agent.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.amplitude.com
api.segment.io
bat.bing.com
clientstream.launchdarkly.com
d.clarity.ms
invitation-api.fabfitfun.com
104.16.113.53
104.16.114.53
104.16.168.131
108.157.4.86
142.250.185.70
142.250.74.194
143.204.101.66
143.204.103.41
143.204.93.244
143.204.94.161
143.204.95.34
143.204.98.102
143.204.98.118
143.204.98.29
143.204.98.6
151.101.66.217
18.219.18.11
23.20.47.40
23.36.163.232
2600:1f18:24e6:b901:2220:8eb4:de68:db12
2600:1f18:24e6:b901:db60:f606:db80:b17
2600:9000:2156:1200:6:8b80:1140:93a1
2600:9000:2156:3400:b:d158:c180:93a1
2600:9000:2156:a800:1f:af3f:8a40:93a1
2600:9000:2156:c00:1a:c126:2b00:93a1
2600:9000:2156:e000:f:8ce2:fb80:93a1
2606:4700:10::6814:b844
2606:4700::6810:5914
2606:4700::6810:9440
2620:1ec:27::cafe:1746
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9b
2a02:26f0:6c00:2a0::13b8
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::393
3.231.48.201
3.33.220.150
34.194.240.189
34.234.23.220
35.168.183.19
35.169.238.157
35.244.174.68
40.76.174.66
52.142.114.2
52.217.101.166
52.27.128.188
52.59.40.31
54.216.196.145
54.217.253.227
54.227.212.212
54.69.55.17
66.155.71.150
76.223.31.44
048ab56b8ee40bc8ee7b8bf53db6749d61c2843752a229a12272c6a9ca8661f4
067af1b34d61cee078a2519f0e3fca89839e804cb27167d83b586c5a9d735644
0c9291b5147f9466092a2bdf937b36970ff1799f7f6b25afb5514987cdab4705
0f937dfc65eac757d97ab03c00054cffa482a0108d4e46d70297676e83811a49
106b0f97ef6a536202abd6f328d1fdbdc7bad4cadefb5dfd2a104420470a5e7c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1343313f3c456ce2fb4b9388e90e0d60432675f02caf39419d71e00dd1e82c85
142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4
147b1cbfb03c6bad64d558a5487de4d0112e013526c66c1666556923695c11b7
17447880c8e2134e3b329f9ff21d6819bdc8552c3305ba7001166720dffedb5f
18217485959e8112af8bc4f42f4bf9d2f3eeae74830b497e819f79423afb04bd
182838b91e7ff23aeadea5b8d66f7eacdb7b38aa480a3454cf387bc93ff3072c
18b22f24095cebf04cc720b33497fa7e4e6f17c20f5373c620e934ef3fc9217e
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1c1a268fd355da5205bb049f753b73a62793eda57394dab70e8d5982bd499692
1db3eb18070eedf94f30c3b0708ae3cb5d26dec36dfb96cc36613f37456378aa
1e2bac853b28a04a86d254b662b06212a5e13de438e57f9211d81b1159ea13a2
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
21818bca42a3202e4b46be64251ec2f3552487db68b8129a15c550c3943fa7a5
23998573260ee36663b9c7d31a63fd11386833980371f5bf84082ef660a68c64
2474a3dab6ec273fd83559c1a700c7ea6526cdbda9b3c3fe96cc57c0df405e96
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
28d503bfec76a3b13f2f7733b4819013712326adc99c863bf4c96980e36e81ab
2e437aa50faecdc8953f5229b5593276469477e30a2a48d61d36ee91bd5a98cd
2eb9b03e945ce0c2872600080523bd1a6fd20bda0194cd500187064b07c4f79a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3083f0b113d8bddef0b6ead5d84d21c8753a4442eef63ec0f4326c96911d9f5c
320c349e996c332ecd165bfe2c49114a75bf4e33e933ba88839d3a6e93c569f4
341d10775d40325601f79e194725a4ae344743c04823aacb0bbbe3d0b9442f28
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3f27ce19e9a4d161e1dac159a428d23ce1108c1a62900f47fed4d09e69b23333
4375ebb4771e6dbb66555214b78781f96a3f6fc43f26b6e9acc4a4751551706b
439bb68e4b99a7037363e3c9671380459a2e0aa1c8276fb1c68823da04608a3d
43fc92abb9815563690cd472d891ec96e3d3a7d3e6e173131ab836679bd3bbe5
44110162ab2260293897e440cc198d102ff47f3dcef78a878e8cabe40fbf4563
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
489491d44131f7fb6d0c0fdc318fa30c22cc3acc36b0175ad1792a18ebca4bc2
49e0e12f3a55bc9f505da95fd1737c1e984930789e671d2c06921067245a5189
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4bdfe9b2b2bee656f09dbef5112c4245378dff02793659ce4ab1ae9b45253b25
4e9486d6556613523d1fb8ae9cf4126f433f7190e20b8ce907cddf8b852f3b0d
4e9fb716062ce52c34ff4ceae4d8dc05610d1d943134441f1dec3d280295a090
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51307b3c0f38d9808fdcfd286a8a37bfdb1f69498aa89bd88cd07413a10932f8
51ba32124931d27f90794a9366e4b9c0de8125d120fcc137810fe0fa41ed7e37
52dfc67da32a0bd7106b8cd7b016c5d76e6065b853b9b1d7dd581d6b7486108e
5912c149cfa07e89f6c7f9c256559218e93535e5a1f68ecee0bd2779659f5dea
5975bc8be7f37911e0ce168775378c797da4c20106ce3302ef77b1fd6fc5c3d4
5a15a8aa2ca8887762134e72a78441257a04897be1383f1f601c0234329910af
5a7bc810ef60a7fd26d333d4e542884fb2873c312ef348863f23e319aa48fe47
5b60e8d17e321465c95f06c689cb197312741d68889dee7faa567bb905288219
5e5f4ec1ab81cd61228c39777f8271caae248b6666f59ce5f48da521ce779393
63d253d1a69ee4fca32058397596f2078e3b7ec13a888b784163a7cbefba9b51
6804f44394afc98f452e6c5be9a220a935a19c14c40a42a09d9909f9d62e5a1c
6f641c11dcdac2ee6259a226f5feb5d5106a17ba83e52453d18d8e8e937633c8
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
70317206c4eb3cbaa0ed2df4c6d540e9b152a12b365bac22034803a0e1f4f79c
70d5e2f3da8ebb1d896cc0d6891ab3a124ebce6cd7feb3519d24d11c68164b84
721db9cad24a7357b39c116ba669c6f015115e3bc49686ebd2146eb882b6762c
7291b9cd60a48e11ae39d26b51b97c0c4926cc881191147ae2d17ebeb2b3e201
73d373ed5f48efd137d015e250ac11d368fd987b41d6dba88e81578b43e219a2
76f2e2b799136962759337d259e9bc656eb7f2206d8b5839b82c124a3c12ad52
784a48eb8bf25e32cc50465c15a92796f71e9eb2046de3d07dc5caf70d356fb5
79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c
7e27cf3fdfbe2dceab03ae0538752b7c32fec894459495c30921b8dc5799607c
7fa80c9a3595b623f4a6073a52ee6decc51e6db84f640aad05ed64a3117196fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84daa56e647b81934364aad5d750e9981bed70a3b69d4adb091378468c96d9cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8a4061675d5e7d1757c0d57f521566360000519e18a7ca3e08fff08a9306cc3a
8b5bdfa0deb7a234d5b2847c21059d34808d6e1576633f70ec5872fa1f1228f8
8dbda6faf1896f926936e6046ac1eab8f19eb403bb63be274f642615cedb1502
8f5c31f5bb7c1f8d330c8cae17d85dc2418df66bc8f0c237a91bfd3754ec0461
926194ab1e7c020c3cd5bb578f78a59926d1060dd6600ef4591c2ac629fbe284
95f314782f33f107740d32aacf51e323e203c2c6cc8c8ca3d557c6f4d1267a96
96179687fd74e6a3f6f7187f01d183a4d00ee25f491a741a78c3766e453e0691
970231232e3bd96a4e58f4a6520531a55cab085043bb7a436cc256aa488b4d1a
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9891d7fa51d8d655f4d120c810986445df9ac9756b7bd1bbba6064143fdb84a5
9994c767bc0b8cfe890b8c939f7fa0cf84e2eb5581f6a1e2c8047ab8bac07125
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a90fb5460ea3764b9103b50ee679c48caa1c6aa57cff2af7ab0add48146237f
9abefafd34a5bf7a436aee1871c7de23fd9d9f68fef033af02b60277cc381e36
9d39b621e4c014b2742ca8c79a64764bdc36d1d2d743ef62e8a1b6d850b5a913
9d7d30d0b1f26136bdd31cc940f372df514925c59841b68f19ad89d292d0813a
a0fb7131022bfe0b4a80fe4b420898250853aaf1282d2a6e73ca9811885f23b7
a18cff2d451ed9bf8cffa5d68ec1d3328708469aa98ff1a66c9b96d60978f511
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22
a72ff44ab1b2c08f5fa439c7a8df555b159a77470facf80a455287bc4b078695
aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965
abf017dc48957544574af45f235fa6c55a334b84e88513f9f9a58687733d013e
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b0100499988e9262cee416d3f87b5d033de22e1641e9b62d621a5420d588ac7b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2eddf3ace0ca350190881a756a2fc2ec8fbc1a01b67471ef8f559545bf7fe1c
b2f8e1fbc92d43f059d4c082c53de84ec5410d932ef829c0c1a8c33a104e12cf
b39eb230e1ff8d93627f34d927b695b76045e80dacdba001f8598c54f0333df3
b6a3db821178640d1dac756c4bddf26f13ada86db3eefa77786ffb8236ca1afe
b99c919f168349275b903d0a29253e0de9a945945650d811ee2ee0214b9387be
ba15dd872587c79b3ed4caf4fc9e72a494eb452ade103c920f5291ae71cd6b4a
bc99d6793f1200d25886a929f19473ba44fe663fbe4b91b06d79614f6f5c852d
bdce3bbd8057971f2d922de12fa71685c6c98036be41c729f49f5db817768641
be0a1872212991003f745c768457e812508b22ae6a020fa96cda41c34466bd34
c3c32a8c6f75d7f2dc3c8bcbfcdf8dc6bebd5a5114e8ccf29cf22ed7036f0bfc
c5f76f6b31c4863c12f6a316251c95daea7071e1dd2f16e32b703b022abe886b
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb345b9d9035b453cdaac782b470bdabffdb009f5f51e134e92af04413658664
cc54fb76d49326f8b101f7ecffb3f0e4dd31ca9e277457582ad5529ce27d04b1
cffcd5e5786f6213f4534a2a72e966597697cbda1d57ea74c0f8e423f7723a16
d3ad3699821e985aad5a7655041382d273a846816af393e9e9c5d7a87d2c78c6
d484788eaece8777578947085573b0a7f8cca5238db694ac1a5fcf8da595d63d
d74e26d9c3f3c998f8549e6b1e5a64f72c95b1548edba1f06436bd7fcafcaaab
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcbf928e7361ff0611474ca11372d170b5c765fea5492886ce24b0260af7d8f9
dd3e581ba85205add4d89a5a9006bf7bbded298c998325aa6afe90c117ab53f0
dd6afc5ca21e20fba6c0f8063017e22fcbcf5f94d9ad50db0b5320133f0cfbb4
de40eb341c46aaec05179c927639cb96f3872cac432ef3c8c6216c57026245ac
e16853aed2895cb808fee0d4fc80d7a892e5a5af7a2e93a67cda475786888a6a
e26e02a5dfc53ea2bfa7cdd893a500f4f0d540e18dee5e0a251a2c3e488b6469
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f3d22f12d07be903b8f4756763e691561d9b6f1f3bc47b300f8dd0766a2d98
e522b65ed788de9ea0529bd093f789186fc168f412755d1f5e9440ebfe95d702
e65f44091d958bd6814ec918fd37cffaced53f8645db09447b8593d29bc3e1a5
e9cf89e599fcfe1a240b90836410b4ba9c0a865d42c718c31fd41c0e0219de33
ea4d1983e2f057260edd19635577183178c863b7c56d972662ae48f3c5b5efb7
ea5975a4255dbd492afe449ae6964dda4331f2850170909f5ae911b7b75197cb
ed4e6f9a747ce33cd09b21d909e25d3fc7fca47679b3e24d0929e0b34eb400ca
edea1b53d919de072c2f593498bde093df2af8b4e952e7e7b5758f2a85bb5b10
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f3682c75976086cc38c7c48589d8bd5e5e7161ef7fd0343bf6674a3385c8c28f
f95c07fa81f07fcd7f713beb0d169251d6e5623da52c05485bc4beff5fcfa42d
fabe1f9891280893a219ddd7b66da18328804228aadec53b7faddc388f4c52ff
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

fabfitfun.com Open in urlscan Pro 23.20.47.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

272 Requests

94 %HTTPS

42 %IPv6

44 Domains

72 Subdomains

63 IPs

6 Countries

4112 kBTransfer

13380 kBSize

53 Cookies

18 Outgoing links

Page URL History

Redirected requests

272 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fabfitfun.com Open in urlscan Pro
23.20.47.40 Public Scan

Screenshot
Live screenshot

Full Image

272
Requests

94 %
HTTPS

42 %
IPv6

44
Domains

72
Subdomains

63
IPs

6
Countries

4112 kB
Transfer

13380 kB
Size

53
Cookies

272 HTTP transactions
15 data transactions