fabfitfun.com Open in urlscan Pro
54.158.159.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.fabfitfun.com/u/click?_t=7c725c9f0e7c43c8bb62c3dfc0792ff7&_m=bce835803f62427eb6ba4b6a44801937&_e=90GGHmD8ok57j...
Effective URL:
https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Submission: On August 04 via api (August 4th 2023, 6:14:10 pm UTC) from US — Scanned from DE

Summary HTTP 209 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 62 domains to perform 209 HTTP transactions. The main IP is 54.158.159.241, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is fabfitfun.com. The Cisco Umbrella rank of the primary domain is 144239.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 13th 2022. Valid for: a year.

This is the only time fabfitfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:249... 2600:9000:2490:2600:1c:3a7d:6c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.158.159.241 54.158.159.241	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
16	2600:9000:230... 2600:9000:2304:6000:1a:c126:2b00:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	3.143.48.135 3.143.48.135	16509 (AMAZON-02) (AMAZON-02)
1	18.173.189.135 18.173.189.135	16509 (AMAZON-02) (AMAZON-02)
10	13.32.110.22 13.32.110.22	16509 (AMAZON-02) (AMAZON-02)
1 2	3.120.19.63 3.120.19.63	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:582::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	23.206.208.183 23.206.208.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.165.183.33 18.165.183.33	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:5b0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:a641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.231.104 143.204.231.104	16509 (AMAZON-02) (AMAZON-02)
4	34.194.240.189 34.194.240.189	14618 (AMAZON-AES) (AMAZON-AES)
10	99.86.90.76 99.86.90.76	16509 (AMAZON-02) (AMAZON-02)
16	34.98.107.242 34.98.107.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
11	2600:1f18:24e... 2600:1f18:24e6:b900:d898:d22b:959b:4d36	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
4	52.71.237.94 52.71.237.94	14618 (AMAZON-AES) (AMAZON-AES)
4	54.227.212.212 54.227.212.212	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.110.34 13.32.110.34	16509 (AMAZON-02) (AMAZON-02)
1	3.226.22.114 3.226.22.114	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	15.197.213.252 15.197.213.252	16509 (AMAZON-02) (AMAZON-02)
7	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	18.158.157.188 18.158.157.188	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.75.15 18.195.75.15	16509 (AMAZON-02) (AMAZON-02)
1 1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:1f18:612... 2600:1f18:612b:4280:9572:897d:1714:1b9b	14618 (AMAZON-AES) (AMAZON-AES)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	2.16.202.106 2.16.202.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	18.173.188.94 18.173.188.94	16509 (AMAZON-02) (AMAZON-02)
2 2	54.217.88.245 54.217.88.245	16509 (AMAZON-02) (AMAZON-02)
1	35.158.34.195 35.158.34.195	16509 (AMAZON-02) (AMAZON-02)
1 1	3.220.32.191 3.220.32.191	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.252.43.226 34.252.43.226	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 1	3.71.161.69 3.71.161.69	16509 (AMAZON-02) (AMAZON-02)
1 1	3.64.163.89 3.64.163.89	16509 (AMAZON-02) (AMAZON-02)
4 4	54.36.150.184 54.36.150.184	16276 (OVH) (OVH)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.145.203 45.79.145.203	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2600:1f14:5db... 2600:1f14:5db:eb11:8dc0:e41:8a28:dbed	16509 (AMAZON-02) (AMAZON-02)
1	52.216.210.112 52.216.210.112	16509 (AMAZON-02) (AMAZON-02)
1	108.138.198.2 108.138.198.2	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.223.74.168 34.223.74.168	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.3.93.213 52.3.93.213	14618 (AMAZON-AES) (AMAZON-AES)
209	51

1 2600:9000:2490:2600:1c:3a7d:6c40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

links.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.159.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-159-241.compute-1.amazonaws.com

fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:2304:6000:1a:c126:2b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

scontent01.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.143.48.135 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-48-135.us-east-2.compute.amazonaws.com

collector-5366.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.189.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-189-135.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.110.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-22.vie50.r.cloudfront.net

app.amped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.19.63 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-63.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:582::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.183.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-33.zrh55.r.cloudfront.net

events.tryamped.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.231.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-231-104.cdg3.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.194.240.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-240-189.compute-1.amazonaws.com

localization-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 99.86.90.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-90-76.cdg50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.98.107.242 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.107.98.34.bc.googleusercontent.com

js.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f18:24e6:b900:d898:d22b:959b:4d36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.237.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-237-94.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.227.212.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-212-212.compute-1.amazonaws.com

content.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customize-api.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-34.vie50.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.22.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-22-114.compute-1.amazonaws.com

abtesting.fabfitfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.213.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.157.188 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-157-188.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.75.15 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-75-15.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:9572:897d:1714:1b9b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.202.106 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-106.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.188.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-188-94.muc50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.88.245 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-88-245.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.34.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-34-195.eu-central-1.compute.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.32.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-32-191.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.43.226 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-43-226.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.161.69 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-161-69.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.163.89 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-163-89.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.184 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip184.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.145.203 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: lciapi-ewr-03.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:8dc0:e41:8a28:dbed (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.210.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.198.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-198-2.mxp64.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.74.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.93.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-93-213.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 380 s.amazon-adsystem.com — Cisco Umbrella Rank: 325	28 KB
27	fabfitfun.com 1 redirects links.fabfitfun.com — Cisco Umbrella Rank: 327430 fabfitfun.com — Cisco Umbrella Rank: 144239 scontent01.fabfitfun.com — Cisco Umbrella Rank: 302694 localization-api.fabfitfun.com — Cisco Umbrella Rank: 364364 content.fabfitfun.com — Cisco Umbrella Rank: 359921 abtesting.fabfitfun.com — Cisco Umbrella Rank: 556051 customize-api.fabfitfun.com — Cisco Umbrella Rank: 844686	851 KB
16	recurly.com js.recurly.com — Cisco Umbrella Rank: 17006 api.recurly.com — Cisco Umbrella Rank: 51953	775 KB
11	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2064	3 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 367	159 KB
10	segment.com cdn.segment.com — Cisco Umbrella Rank: 1553	94 KB
10	amped.io app.amped.io — Cisco Umbrella Rank: 71677	73 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1178 events.launchdarkly.com — Cisco Umbrella Rank: 894 clientstream.launchdarkly.com — Cisco Umbrella Rank: 842	2 KB
8	userway.org cdn.userway.org — Cisco Umbrella Rank: 4964 api.userway.org — Cisco Umbrella Rank: 4770	273 KB
8	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 115 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	6 KB
7	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4472	61 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5576	861 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2577	2 KB
5	gstatic.com fonts.gstatic.com	162 KB
5	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3048	9 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 790	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55 region1.google-analytics.com — Cisco Umbrella Rank: 1869	21 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 265	3 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 6360	1 KB
4	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 13262 newassets.hcaptcha.com — Cisco Umbrella Rank: 12132 hcaptcha.com — Cisco Umbrella Rank: 8304	179 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	344 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 687 logx.optimizely.com — Cisco Umbrella Rank: 1376	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	156 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 813	531 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1313	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	2 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	616 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1415 lm.serving-sys.com — Cisco Umbrella Rank: 2543	779 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 631	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2395	898 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1522 ups.analytics.yahoo.com — Cisco Umbrella Rank: 329	852 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 360	882 B
2	tryamped.com events.tryamped.com — Cisco Umbrella Rank: 82248	346 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 879	20 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 166	4 KB
2	w55c.net 1 redirects tags.w55c.net — Cisco Umbrella Rank: 4648	1 KB
2	tvsquared.com collector-5366.tvsquared.com — Cisco Umbrella Rank: 411530	9 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1109	172 B
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3725	18 KB
1	amazonaws.com s3.amazonaws.com	2 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1121	169 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2339	342 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3463	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1395	324 B
1	rubiconproject.com 1 redirects token.rubiconproject.com — Cisco Umbrella Rank: 648	353 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	304 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1360	213 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5532	656 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2866	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 4147	880 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 579	693 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5384	389 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 670	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 541	487 B
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 27492	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 10606	9 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 647	295 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	myvisualiq.net Failed t.myvisualiq.net Failed
209	62

	Domain	Requested by
26	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com fabfitfun.com s.amazon-adsystem.com
16	scontent01.fabfitfun.com	fabfitfun.com
11	api.recurly.com	js.recurly.com scontent01.fabfitfun.com
11	rum.browser-intake-datadoghq.com	scontent01.fabfitfun.com
11	cdn.cookielaw.org	fabfitfun.com cdn.cookielaw.org
10	cdn.segment.com	scontent01.fabfitfun.com cdn.segment.com
10	app.amped.io	fabfitfun.com app.amped.io
7	cdn.userway.org	accessibilityserver.org scontent01.fabfitfun.com cdn.userway.org
7	dev.visualwebsiteoptimizer.com	scontent01.fabfitfun.com dev.visualwebsiteoptimizer.com
6	www.google.de	fabfitfun.com
5	fonts.gstatic.com	fonts.googleapis.com
5	js.recurly.com	scontent01.fabfitfun.com api.recurly.com
5	res.cloudinary.com
5	ct.pinterest.com	s.pinimg.com fabfitfun.com
5	www.google.com	2 redirects fabfitfun.com
4	ib.adnxs.com	4 redirects
4	cookie-matching.mediarithmics.com	4 redirects
4	events.launchdarkly.com	scontent01.fabfitfun.com
4	app.launchdarkly.com	scontent01.fabfitfun.com
4	localization-api.fabfitfun.com	scontent01.fabfitfun.com
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	fabfitfun.com www.googletagmanager.com www.google-analytics.com cdn.segment.com
3	region1.google-analytics.com	www.googletagmanager.com
2	logx.optimizely.com	scontent01.fabfitfun.com
2	www.facebook.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	customize-api.fabfitfun.com	scontent01.fabfitfun.com
2	image6.pubmatic.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.360yield.com	2 redirects
2	x.bidswitch.net	2 redirects
2	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
2	content.fabfitfun.com	scontent01.fabfitfun.com
2	events.tryamped.com	app.amped.io
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.googleadservices.com	www.googletagmanager.com
2	tags.w55c.net	1 redirects fabfitfun.com
2	collector-5366.tvsquared.com	fabfitfun.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	api.segment.io	scontent01.fabfitfun.com
1	cdn.amplitude.com	cdn.segment.com
1	s3.amazonaws.com
1	hcaptcha.com	newassets.hcaptcha.com
1	api.userway.org	scontent01.fabfitfun.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	us-u.openx.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	ups.analytics.yahoo.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	clientstream.launchdarkly.com
1	abtesting.fabfitfun.com	scontent01.fabfitfun.com
1	accessibilityserver.org	scontent01.fabfitfun.com
1	fonts.googleapis.com	scontent01.fabfitfun.com
1	public.profitwell.com	fabfitfun.com
1	js.hcaptcha.com	scontent01.fabfitfun.com
1	cdn.optimizely.com	scontent01.fabfitfun.com
1	region1.analytics.google.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	c.amazon-adsystem.com	fabfitfun.com
1	fabfitfun.com
1	links.fabfitfun.com	1 redirects
0	sync.search.spotxchange.com Failed	s.amazon-adsystem.com
0	t.myvisualiq.net Failed	s.amazon-adsystem.com
209	82

This site contains links to these domains. Also see Links.

Domain
login.fabfitfun.com
support.fabfitfun.com
legal.fabfitfun.com
91wmha1pma1.typeform.com
www.instagram.com
www.twitter.com
www.facebook.com
www.tiktok.com
www.youtube.com
www.pinterest.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
fabfitfun.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.fabfitfun.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-14` - `2023-11-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-07-16` - `2024-08-12`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
app.amped.io Amazon RSA 2048 M02	`2023-02-21` - `2023-11-04`	8 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
events.tryamped.com Amazon RSA 2048 M01	`2023-02-20` - `2023-12-03`	9 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-06-21` - `2024-06-22`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.recurly.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-03` - `2024-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
accessibilityserver.org Amazon RSA 2048 M01	`2023-02-24` - `2023-12-05`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-02-10` - `2023-10-07`	8 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2023-04-14` - `2024-05-12`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
api.userway.org Amazon RSA 2048 M02	`2023-02-09` - `2023-10-31`	9 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-14` - `2023-08-12`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Frame ID: BED5256EFEDED6D424C84F1476CDF158
Requests: 165 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497&dcc=t
Frame ID: 7176434871FD790AC523F6C83F177E90
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D8fd6a395-1aa2-98df-fd3a-11546d753535%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://fabfitfun.com/get-the-box&ex-hargs=v%3D1.0%3Bc%3D592790219332271385%3Bp%3D8FD6A395-1AA2-98DF-FD3A-11546D753535&cb=534165755425420400
Frame ID: D8C3DBD024EE7E8FB1E5115A5BE5C896
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4F30B25F6CA203CED08B768871119BBC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo
Frame ID: 7728A486A7AC7488D2EDEA8F1158A51F
Requests: 30 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2e8d33a/static/hcaptcha.html
Frame ID: D2E05F4712D0FFBC5F817AAB8EF3402B
Requests: 3 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: 85FCB595E8562EF0A2FBD649D0A0EAFE
Requests: 2 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: 4827519AF5553F0F65F9397A6A55E0C9
Requests: 2 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: FDCD3F1654B8C10EABF8B4FA8D6761E5
Requests: 2 HTTP requests in this frame

Frame: https://api.recurly.com/js/v1/field.html
Frame ID: AE9C0380D8AE2E7FCEB977BD4DD0F25D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FabFitFun - Beauty, Fitness, LifestyleBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://links.fabfitfun.com/u/click?_t=7c725c9f0e7c43c8bb62c3dfc0792ff7&_m=bce835803f62427eb6ba4b6a44801... HTTP 303
https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_sour... Page URL

Detected technologies

Recurly (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.recurly\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

209
Requests

85 %
HTTPS

29 %
IPv6

62
Domains

82
Subdomains

51
IPs

9
Countries

3281 kB
Transfer

11411 kB
Size

68
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://login.fabfitfun.com/
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/?a=How-do-I-cancel-my-membership---id--CiMSVaZrQZ-JNO0AIHiPiA
Title: click here

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#terms-of-use
Title: Terms of Use and Sale

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#box-membership-terms
Title: FabFitFun Membership Terms

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#terms-of-use/
Title: Terms of Use and Sale

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/hc/en-us
Title: FAQ

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/
Title: Customer Care

Search URL Search Domain Scan URL

URL: https://support.fabfitfun.com/hc/en-us/articles/360034415552#billing-shipping-schedule-0-0
Title: Billing / Shipping Schedule

Search URL Search Domain Scan URL

URL: https://91wmha1pma1.typeform.com/to/q04dnBqR/
Title: Corporate Gifting

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fabfitfun

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fabfitfun/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fabfitfun

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@fabfitfun?lang=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fabfitfun

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/fabfitfun/

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#california-supply-chains-act
Title: California Supply Chains Act

Search URL Search Domain Scan URL

URL: https://legal.fabfitfun.com/#cookie-policy-uk
Title: View our Cookie Policy.

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: Click here to learn more about Cookies.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.fabfitfun.com/u/click?_t=7c725c9f0e7c43c8bb62c3dfc0792ff7&_m=bce835803f62427eb6ba4b6a44801937&_e=90GGHmD8ok57jSA0_KMr1LfwdgMAccvyEToTvsbZD15jX2RbiZ4Bqzr2__vLFyBWp0UO3pwfjRnIRQ4vyYlqxwbRvX0B5nhwTmOvN_b_blKZ5cXfpFcnKY0eOC2Y8L4IGiBMpBrYlJDODdoaHYhZLiF9AvdqP7xvaG6WpEEi45tBtMvMDp1AVa1G7V5vlLAsWk3oVik5XCmoRCrw-KTLLul6B8BFHYdGZbiqI7EcIk_RoRMeOGGQG_VYWvenlu4vw-6W9BYMwPXGdSkQQwK00X01FqVHado6WVW_10nNu7ISB8JlegG0mM2-lG5qTni1xvLrpkuxO8FejIqMmZkTFQ*3D*3D HTTP 303
https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://tags.w55c.net/rs?id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url= HTTP 302
https://tags.w55c.net/rs?sccid=7326b4ea-d951-b911-fa27-cf947caa083c&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=

Request Chain 35

https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497&dcc=t

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=0TKbCJP7yI4DEOjHudoD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6j_NZMDnIYyO7_UPxaSV0As&sscte=1&crd=&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85Doik37IWEZ8DyA2l8U1fD--LBJwQhFxxo&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01wZzVKTGMxNjRET2NfMDdZTFBxRm54dWEwZzRzMEFRQS1zT180eUNCXzJMczdmQ2JVTmtfNWx3IhMIwISj5M3DgAMVDMe7CB1FUgW6 HTTP 302
https://www.google.com/pagead/1p-conversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=0TKbCJP7yI4DEOjHudoD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01wZzVKTGMxNjRET2NfMDdZTFBxRm54dWEwZzRzMEFRQS1zT180eUNCXzJMczdmQ2JVTmtfNWx3IhMIwISj5M3DgAMVDMe7CB1FUgW6&is_vtc=1&ocp_id=6j_NZMDnIYyO7_UPxaSV0As&cid=CAQSKQBpAlJWc3dgrJw7Lu4R8BcyBtL38HUjSfQIEuR8kBeVmGzqudg7CNz3&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85DEOGdgDQ1Xr6Gqwfo1p4KoBL_D-fUJzMs&random=1074349129 HTTP 302
https://www.google.de/pagead/1p-conversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=0TKbCJP7yI4DEOjHudoD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01wZzVKTGMxNjRET2NfMDdZTFBxRm54dWEwZzRzMEFRQS1zT180eUNCXzJMczdmQ2JVTmtfNWx3IhMIwISj5M3DgAMVDMe7CB1FUgW6&is_vtc=1&ocp_id=6j_NZMDnIYyO7_UPxaSV0As&cid=CAQSKQBpAlJWc3dgrJw7Lu4R8BcyBtL38HUjSfQIEuR8kBeVmGzqudg7CNz3&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85DEOGdgDQ1Xr6Gqwfo1p4KoBL_D-fUJzMs&random=1074349129&ipr=y

Request Chain 39

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=JNb-COqwsNcBEKKAjIAD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6j_NZIXmId6S7_UPiqa5iAk&sscte=1&crd=&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85CwDOBcgClcpab5g0C9EoLRBtwNxiAzP0U&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01tNzBxX2NreFR3WS1kU1VqOVJUMEwxQmVHTG1uR2p3OGVyRGE0Z0tkQnlXWGZvYllSNWxaMDFaIhMIhYOj5M3DgAMVXsm7CB0KUw6R HTTP 302
https://www.google.com/pagead/1p-conversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=JNb-COqwsNcBEKKAjIAD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01tNzBxX2NreFR3WS1kU1VqOVJUMEwxQmVHTG1uR2p3OGVyRGE0Z0tkQnlXWGZvYllSNWxaMDFaIhMIhYOj5M3DgAMVXsm7CB0KUw6R&is_vtc=1&ocp_id=6j_NZIXmId6S7_UPiqa5iAk&cid=CAQSKQBpAlJWx3ML58hLJFuh6NHjFxGMPQbDJWGyUOWQNe1qTlkQNph7NmBE&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85CJA5iIFTq8D6ihmGIxhOEMdbKS6YpmbMw&random=14128128 HTTP 302
https://www.google.de/pagead/1p-conversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=JNb-COqwsNcBEKKAjIAD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01tNzBxX2NreFR3WS1kU1VqOVJUMEwxQmVHTG1uR2p3OGVyRGE0Z0tkQnlXWGZvYllSNWxaMDFaIhMIhYOj5M3DgAMVXsm7CB0KUw6R&is_vtc=1&ocp_id=6j_NZIXmId6S7_UPiqa5iAk&cid=CAQSKQBpAlJWx3ML58hLJFuh6NHjFxGMPQbDJWGyUOWQNe1qTlkQNph7NmBE&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85CJA5iIFTq8D6ihmGIxhOEMdbKS6YpmbMw&random=14128128&ipr=y

Request Chain 115

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=216853104598003952496&ex=neustar.biz

Request Chain 116

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=82565a6a9e2976ccca6e1bab23e0000d

Request Chain 117

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 119

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=dda8c044b1fa46aa8c2e68b8c6b6a92b

Request Chain 120

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Request Chain 121

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=a5dd2ca01ec2c8f846e9bdd4ef7a875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 122

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 123

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6723c115-aa48-417d-b1cd-b4ced265ec85&ex=improvedigital.com

Request Chain 125

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=119daa0c5fda39532

Request Chain 126

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=T-CZ62YHSOK2R-gh-85MQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=T-CZ62YHSOK2R-gh-85MQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75645220879895921461528191126340109121

Request Chain 128

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8134436932547714999

Request Chain 130

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%225fbb22bf-633c-4f06-bdca-48b76836a319%22,%22Time%22:%2220230804T181404.910549%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=5fbb22bf-633c-4f06-bdca-48b76836a319

Request Chain 131

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESENxwm_vn6yalmHI3qpmxleQ&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENxwm_vn6yalmHI3qpmxleQ&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESENxwm_vn6yalmHI3qpmxleQ%26gdpr%3D0%26action%3DGET_ID%26etid%3D%26domid%3D1109 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5279836834366819884&opid=apx&ops=&utidl=tech:goo:CAESENxwm_vn6yalmHI3qpmxleQ&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 303
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec%3A46854836285&gdpr=0

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJu_9L7sWz0msZOjfdvpn8I&google_cver=1

Request Chain 133

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8da43d18ea029c1c7d6b58c4c221a4d1

Request Chain 135

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LZ8I3bN0mH4lRMWY1JuQvzc4ZF84ZgAC

Request Chain 136

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=64DD25643D4F29C1

Request Chain 137

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5279836834366819884&ex=appnexus.com

Request Chain 138

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=aG9vu5aL0clvY2gU8WcYUMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 140

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2DED3FCD645234273C02A83B91

Request Chain 141

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=19c3cd0ea7b1836f41737e4f5749670c26115956a475cb1ab23f2e3f0d2f10a9

Request Chain 142

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CD5193FD-5FC9-46D0-A633-A21D3AE058CC

Request Chain 143

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=eb0bb6b5-4395-4766-b28e-796774dba790-tuctbc6c56d

209 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fabfitfun.com/get-the-box/
Redirect Chain

https://links.fabfitfun.com/u/click?_t=7c725c9f0e7c43c8bb62c3dfc0792ff7&_m=bce835803f62427eb6ba4b6a44801937&_e=90GGHmD8ok57jSA0_KMr1LfwdgMAccvyEToTvsbZD15jX2RbiZ4Bqzr2__vLFyBWp0UO3pwfjRnIRQ4vyYlqxw...
https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

125 KB
18 KB

305ms
97ms

Document
text/html

54.158.159.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.158.159.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-158-159-241.compute-1.amazonaws.com

Software

Nginx /

Resource Hash

696e991097d05fe86a5460a2aeb1b2f5f96d87c9b4f60f042ea2c4b1c8ba1c57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300,public,must-revalidate
content-encoding: gzip
content-security-policy-report-only: default-src 'self' *.fabfitfun.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fabfitfun.com *.recurly.com *.amazonaws.com *.ada.support www.dwin1.com *.google-analytics.com *.doubleclick.net www.googleadservices.com www.googletagmanager.com *.hcaptcha.com hcaptcha.com *.exitintel.com *.facebook.net *.facebook.com *.tiktok.com *.cookielaw.org *.segment.com *.tvsquared.com *.onetrust.com *.adsrvr.org sc-static.net *.zdassets.com *.crrnt.app *.pixlee.com *.roeyecdn.com *.amplitude.com *.bing.com *.googleapis.com *.exitintel.com *.jsdelivr.net *.datadoghq-browser-agent.com *.gladly.com *.braintreegateway.com *.paypal.com *.cloudflare.com *.hotjar.com *.clarity.ms accessibilityserver.org *.userway.org *.tryamped.com *.pinimg.com *.ads-twitter.com *.amped.io *.visualwebsiteoptimizer.com *.amazon-adsystem.com blob:; style-src * 'unsafe-inline' data: blob:; connect-src *; frame-src *; img-src * 'unsafe-inline' data: blob:; font-src * 'unsafe-inline' data: blob:; media-src * blob:; object-src 'none';
content-type: text/html
date: Fri, 04 Aug 2023 18:14:02 GMT
etag: W/"3179610943e420e4556119445ba504b1"
last-modified: Wed, 02 Aug 2023 16:38:20 GMT
server: Nginx
x-cache-status: STALE
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 0
content-security-policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
date: Fri, 04 Aug 2023 18:14:01 GMT
location: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
request-time: 2
server: iterable-links 15ed
vary: Origin
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id: NGo772urALc_i1TwKisAZ-Cvb6S7OHJy_myC3C0H5MhfkrE_nzbbXw==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 354 KB
109 KB 69ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd7370d649a9bce4f88882668a9fbb4c69c034233dfd27ce6d910918043da3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 18:14:02 GMT

GET
H2 200 webpack-runtime-88f430612ff086f9830b.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 5 KB
3 KB 728ms
634ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/webpack-runtime-88f430612ff086f9830b.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8ca344f4e5189c44e55b344ef86d6a253aaec1fa72ca202809ef53aea996877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"9a22a6ca3df3c13a1f84f4f35b55007b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: OPoHtFu9gJahIBmBlvL6wxn79r83yqchVJ3gHuRhpHnaSYrCk_--ow==

GET
H2 200 framework-72b9115a436ab0ddb0cb.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 26 KB
10 KB 729ms
635ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/framework-72b9115a436ab0ddb0cb.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d36babc52b2ea335bd753753f4b5ede95ef9cdc2d0940b226ceb59e3f73533b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"e3116832cf33b49d38785cb0cf56c337"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: qPS9csaaNcLV5naZctr4YUsd1RH0w3MkimWHIYs7fAknS-i92dSmUA==

GET
H2 200 app-8e4d526986c470976e0c.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 122 KB
35 KB 770ms
677ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/app-8e4d526986c470976e0c.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fbd01f40d2f00f41fdd519deaaa773cf381971ac62a3db6db5fc2ffa784b130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"c9310df648325284883a93304be09874"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: T9BUqeVMpLL0bxbFAGYGKzbw__r9yvCwCDe1k17R-xOJOuxicMdKLg==

GET
H2 200 c9c6fe98-1bf28fb325d19cb9106e.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 95 KB
23 KB 774ms
680ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/c9c6fe98-1bf28fb325d19cb9106e.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95c56d732024ad62bfaf569826b82276bf78b88842446cbb1c8af6e27b273e63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"b8136c391aaf33a089ef7b32a3f5b67b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: aH7ix831mEQI9caf1nqvxXvpXu3Av_wO2VCgnPKF2YFEwGCDgwvD7w==

GET
H2 200 247fa8cb-fc347514c2b15b1d1b6f.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 266 KB
69 KB 749ms
656ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/247fa8cb-fc347514c2b15b1d1b6f.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea8acd4e05d2a61585d21cf2c5232ce7d8fc30a8de31008333bdcb7c74f053b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"ed0b124f8ff351ea95a1f5d8f7cf7b8a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: kjE5-xRCL43O63OHRVZaeCG2P6BwYSJ2Om-4BCrU9LtKIxlsHfqCGA==

GET
H2 200 b69d375a-92852e156849e602a208.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 684 KB
215 KB 781ms
688ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/b69d375a-92852e156849e602a208.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eac6cf439c2bd6b45fd080e597d4601e5d9358f0ee07f47497b30ce9e808bb5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: W/"69259d58f1e24d4ceef14749da4a3456"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: sMhrIShwFlQ3cgl8v23Mydp2gYvtP9TGEO0ggV0nWzI9Rk2UerJSXA==

GET
H2 200 8eb3f76a-df95ede1ae5964c0a68b.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 142 KB
32 KB 736ms
643ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/8eb3f76a-df95ede1ae5964c0a68b.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdd91eab13856db2e77f3cb437babdf06cc400246aa555b0faad2f4e2f33e5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"a36d4a68b1d8e2de8b8a5aeeb0305041"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: d8YDua98VMQnNM1jKCnWB-sIpQRAH9mqT-dOvCmT1ICzAsQHZtuz_g==

GET
H2 200 commons-687fb15714e61aa22848.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 15 KB
6 KB 762ms
670ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/commons-687fb15714e61aa22848.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff07030df73a8cb5c7fd2929f4a15784fc68c0e00f52df19d38041b65719aaf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"4ad928154ad4edd7a41b9ae8755ca144"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: 55e2YRWCc0d7Ce_lEIca3kKXG53ou0fa8EdkFolt0o5XoLFjk5Fffg==

GET
H2 200 eddc3998177307ce442f9706bf92719f3fdc326f-335dd3012e5b9365f91c.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 383 KB
102 KB 871ms
779ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/eddc3998177307ce442f9706bf92719f3fdc326f-335dd3012e5b9365f91c.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c449662e4731bf25b29560bb3d326aab27def2313e9de35f49c630828b268787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: W/"383bc039a9843e16a87bae682ade8b41"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: Dw1EBRv-oT9T8jY9FkUAvKFjYYGlBNIQ9dffReGarMJ-1X9ALlXtgQ==

GET
H2 200 c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 60 KB
21 KB 791ms
698ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc17f2c0fe73518de4768de0a777caee2dddb3b4262568501534ba035bab235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: W/"c6db0c81b5c98efda8cf6fc91a9c4f6d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: s7Sy5VhuIigJEdRvCLu9doMpX4-FECB6Xmdoz9bRRbqVdqwYiWFkyg==

GET
H2 200 aa7618d75c958ec647a6960aecc3f74c5d931922-741cb404b459b62362e7.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 30 KB
10 KB 774ms
682ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/aa7618d75c958ec647a6960aecc3f74c5d931922-741cb404b459b62362e7.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b02d98c270382089ce2e01e97d87bc98b78c8faf50bc711ab968a803d755fbc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"dcbcf3c50be5f35b41ed5134b2f1a547"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: wt1JkSbwRph9OKlM5qh5vxG3Unj5cuzkGr9ewDHlVN34ORiKy63How==

GET
H2 200 8f34e18930eecf03349cfacd437d1d73efb968eb-470656ded977c6fe6b4b.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 803 KB
229 KB 803ms
711ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/8f34e18930eecf03349cfacd437d1d73efb968eb-470656ded977c6fe6b4b.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af337291fc200952113c637155f4823ccc170d4f25805b5d4c428f6c96898e00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: W/"23f6f47004b760900804912b9f9c7886"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: Rvt0mTeuvYS3O7JN3qmdMvcToRcgEgGmdio2gR_tChDL8OZsOqggPw==

GET
H2 200 ba0a0a4ec7e55c349c81e336d83c045feb974c1a-d5e012a64d3fe32164fc.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 217 KB
67 KB 766ms
674ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/ba0a0a4ec7e55c349c81e336d83c045feb974c1a-d5e012a64d3fe32164fc.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4222a15a2598b472eac5668820b704683f3a9a13ad72f14cd14d2b789aaac2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
content-encoding: gzip
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: W/"a990706e66d19c55bfc6cec8d1a58d49"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
x-amz-cf-id: tm24YkrICzzB3m6G2HxKQNT_DxlZ-QRXldobkZNG1hKEKn05-2BAVQ==

GET
H2 200 component---src-pages-index-tsx-3ebe333f929d0f6ab95b.js Show response
scontent01.fabfitfun.com/gtb/cdn/ 438 B
851 B 774ms
683ms Script
application/javascript 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/component---src-pages-index-tsx-3ebe333f929d0f6ab95b.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a27592a6aa13e31e6d4979f39610b643bd329c07aed42f6a180d8f1f05b5d807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
etag: "8d3016eaf7f85349498e06ab76f783b1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=31556952,public,immutable
accept-ranges: bytes
content-length: 438
x-amz-cf-id: ddBmz2lehAVDg5dILsNcJGH4S-uNYTxtTxUPHmI3CdWLHodk2QdNdA==

GET
H2 200 page-data.json
scontent01.fabfitfun.com/gtb/cdn/page-data/index/ 142 B
726 B 763ms
671ms Other
application/json 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/page-data/index/page-data.json
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5f76f6b31c4863c12f6a316251c95daea7071e1dd2f16e32b703b022abe886b

Request headers

Referer: https://fabfitfun.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 142
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
etag: "57f4fea8d5bc19583c2b49aa7cc10c09"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: https://fabfitfun.com
access-control-expose-headers: ETag
cache-control: max-age=31556952,public,immutable
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: OCGKaiJ8NcSnm6hDbJQwi-bph3_UHn8ANg1TrM68BdB6KjwZtLxWrg==

GET
H2 200 app-data.json
scontent01.fabfitfun.com/gtb/cdn/page-data/ 50 B
634 B 762ms
670ms Other
application/json 2600:9000:2304:6000:1a:c126:2b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent01.fabfitfun.com/gtb/cdn/page-data/app-data.json
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6000:1a:c126:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10a40506eca24c2ee0a0ee3353aae3a5442db43cfcf370ff1ca514fb05f8dc03

Request headers

Referer: https://fabfitfun.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 e34b146b2a4038019e9b2a95fac837fc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 50
last-modified: Wed, 02 Aug 2023 16:38:22 GMT
server: AmazonS3
etag: "c4d7f2325e744ecb0cdcb16cd36f54f2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: https://fabfitfun.com
access-control-expose-headers: ETag
cache-control: max-age=31556952,public,immutable
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Fvi8jHe-bb5IDX0vCJI_1leUVURdDKk4IlreaztTlEUwQ7GldejEVw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 41ms
19ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b836876c6014c346a749c23f680845562679daf29c640c99a3d92797a6244b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DflSFdkyRucOaDW0H1U81w==
age: 7970
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:06 GMT
server: cloudflare
etag: 0x8DB9307ED7A3471
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2a3dcf5-c01e-00ae-5d7a-c5fb8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c719aa3203dc-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 40ms
11ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 17:44:24 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1778
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 04 Aug 2023 19:44:24 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/805470366/ 3 KB
2 KB 75ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805470366/?random=1691172842488&cv=11&fst=1691172842488&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=3-G2CJeo3e4BEJ6BioAD&hn=www.googleadservices.com&frm=0&auid=1488524696.1691172842&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18acd8d95decdc00f837bf2d9b7a4c9d17e5d6fdc7fe07a8165b5d7bc5a0e9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-5366.tvsquared.com/ 20 KB
9 KB 466ms
106ms Script
application/javascript 3.143.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-5366.tvsquared.com/tv2track.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.48.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-48-135.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 18:14:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 10:04:48 GMT
Server: nginx
ETag: "639c42c0-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 04 Aug 2023 18:24:02 GMT

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 10 KB
10 KB 56ms
10ms Script
application/javascript 18.173.189.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.189.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-189-135.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 799d81e407b92a5c1376de34460ef07843e3eb5242ad37dff2f492aecb06f2de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: gm57xYPvxXQcXWFgdEwwCnpgZroHWEFs
date: Thu, 03 Aug 2023 21:14:23 GMT
via: 1.1 0dfb58f1fc97e590bcf6bcf75288d878.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 20:30:58 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 75580
x-amz-server-side-encryption: AES256
etag: "bfb1581700806847894b765b7571d874"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10259
x-amz-cf-id: U6sFprH6Za7RYA82l0WIUpbcPyBU-QO4G0uwWyFzhJYjnWNzZe9mGA==

GET
H2 200 account_8rrned8 Show response
app.amped.io/snippet/ 263 KB
51 KB 240ms
43ms Script
application/javascript 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/account_8rrned8
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: cd32977f6b412ada0ed072a72040d44a0b734378aead5896e1faa300df0f1406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 31
x-powered-by: Express
etag: W/"41dc6-cO3e9ygyc+oVekorLro378LgSEw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=300, max-age=120
x-amz-cf-id: J4Clq-jHMw2yk9wrUUHnyzGf3pG56vNNSgDgakLAPCjgkPPNxWpNbw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
84 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98X0XSJ12P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5710dbc4f5f6f127338e9d4d6146c05e0d10ab9f5e668e943f56a7164d0a7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 18:14:02 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=
https://tags.w55c.net/rs?sccid=7326b4ea-d951-b911-fa27-cf947caa083c&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=

42 B
580 B

18ms
16ms

Image
image/gif

3.120.19.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=7326b4ea-d951-b911-fa27-cf947caa083c&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

HTTP/1.1

Server

3.120.19.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-19-63.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:02 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:02 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: Retargeting/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://tags.w55c.net/rs?sccid=7326b4ea-d951-b911-fa27-cf947caa083c&scc=1&id=baf7959efcd6474fa774351bbd55dd4f&t=cart&referrer_url=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/805503010/ 3 KB
2 KB 65ms
22ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/805503010/?random=1691172842502&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=JNb-COqwsNcBEKKAjIAD&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&auid=1488524696.1691172842&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

96b892f6c645029f6744c68ce373bcd3ed5465ce0c098308f42c1ebfd93b21bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1665
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/994993128/ 3 KB
2 KB 63ms
22ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/994993128/?random=1691172842506&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=0TKbCJP7yI4DEOjHudoD&hn=www.googleadservices.com&frm=0&value=0&bttype=purchase&auid=1488524696.1691172842&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

42ff97a7d4f36d0e2c67a0de0a41ffba54d1890e85bd1b39b60b018ee50ac078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1665
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 78ms
12ms Script
application/javascript 2a02:26f0:480:582::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-6N92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:582::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "b890a703adcb559f5e5d300aa7e4294f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1466

GET
H2 200 091bf775-529d-4036-a445-3a322675c69c.json Show response
cdn.cookielaw.org/consent/091bf775-529d-4036-a445-3a322675c69c/ 4 KB
2 KB 67ms
31ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091bf775-529d-4036-a445-3a322675c69c/091bf775-529d-4036-a445-3a322675c69c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30755ac2fe2350a3d518abff28db7ea52cba983183a03292671ab46cffeeda7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 75452
content-md5: XhEEUU/ZN6+NSdN6eCs1KQ==
content-length: 1624
x-ms-lease-status: unlocked
last-modified: Fri, 19 May 2023 20:05:15 GMT
server: cloudflare
etag: 0x8DB58A45CCD8966
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 18fed68b-d01e-0076-418d-8a5c5a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c71a0bc13804-FRA
expires: Sat, 05 Aug 2023 18:14:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 17ms
16ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1478000689&t=pageview&_s=1&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&dp=%2Fget-the-box%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=1053048572&gjid=580609907&cid=1756373922.1691172843&tid=UA-15829841-1&_gid=672863370.1691172843&_slc=1&gtm=45He3820n516N92&z=1885181757

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4a2d5dd18965ad9c22fa314838fe702551bd543ce69d5cbfa73a44244d44f813

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 71ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15829841-1&cid=1756373922.1691172843&jid=1053048572&gjid=580609907&_gid=672863370.1691172843&_u=YGBAgEABAAAAAGAAI~&z=1749502439

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 04 Aug 2023 18:14:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 81ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-98X0XSJ12P&gtm=45je3820&_p=1478000689&cid=1756373922.1691172843&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691172842&sct=1&seg=0&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98X0XSJ12P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 59ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-98X0XSJ12P&gtm=45je3820&_p=1478000689&cid=1756373922.1691172843&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691172842&sct=1&seg=0&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&dt=&en=GTB_SiteVisit&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98X0XSJ12P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 36ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CDKQ0W76S0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32c4ee7b86ff809af829005d8c657c66417e5e10a82c2d62c52a1dbc3d129cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 18:14:02 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 58ms
29ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7f18c71a7b6f1e56-FRA
access-control-allow-headers: Content-Type

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 7176
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497
https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497&dcc=t

65 B
896 B

137ms
124ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 04 Aug 2023 18:14:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 53G2JJR0BANBBKGRG24C

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 04 Aug 2023 18:14:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=21048bd0-56fe-4bdf-986f-ccad5e86095f&event=PageView&ts=1691172842497&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 7B8KR6ZWN3PJXDK2Z7X8

GET
H2 200 /
www.google.com/pagead/1p-user-list/805470366/ 42 B
455 B 105ms
24ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/805470366/?random=1691172842488&cv=11&fst=1691172000000&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=3-G2CJeo3e4BEJ6BioAD&frm=0&fmt=3&is_vtc=1&random=4047475983&rmt_tld=0&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/805470366/ 42 B
455 B 73ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/805470366/?random=1691172842488&cv=11&fst=1691172000000&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=3-G2CJeo3e4BEJ6BioAD&frm=0&fmt=3&is_vtc=1&random=4047475983&rmt_tld=1&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/994993128/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfi...
https://www.google.com/pagead/1p-conversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-bo...
https://www.google.de/pagead/1p-conversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box...

42 B
64 B

33ms
33ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=0TKbCJP7yI4DEOjHudoD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01wZzVKTGMxNjRET2NfMDdZTFBxRm54dWEwZzRzMEFRQS1zT180eUNCXzJMczdmQ2JVTmtfNWx3IhMIwISj5M3DgAMVDMe7CB1FUgW6&is_vtc=1&ocp_id=6j_NZMDnIYyO7_UPxaSV0As&cid=CAQSKQBpAlJWc3dgrJw7Lu4R8BcyBtL38HUjSfQIEuR8kBeVmGzqudg7CNz3&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85DEOGdgDQ1Xr6Gqwfo1p4KoBL_D-fUJzMs&random=1074349129&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/994993128/?random=474901385&cv=11&fst=1691172842506&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=0TKbCJP7yI4DEOjHudoD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01wZzVKTGMxNjRET2NfMDdZTFBxRm54dWEwZzRzMEFRQS1zT180eUNCXzJMczdmQ2JVTmtfNWx3IhMIwISj5M3DgAMVDMe7CB1FUgW6&is_vtc=1&ocp_id=6j_NZMDnIYyO7_UPxaSV0As&cid=CAQSKQBpAlJWc3dgrJw7Lu4R8BcyBtL38HUjSfQIEuR8kBeVmGzqudg7CNz3&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85DEOGdgDQ1Xr6Gqwfo1p4KoBL_D-fUJzMs&random=1074349129&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/805503010/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabf...
https://www.google.com/pagead/1p-conversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-b...
https://www.google.de/pagead/1p-conversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-bo...

42 B
64 B

34ms
34ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=JNb-COqwsNcBEKKAjIAD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01tNzBxX2NreFR3WS1kU1VqOVJUMEwxQmVHTG1uR2p3OGVyRGE0Z0tkQnlXWGZvYllSNWxaMDFaIhMIhYOj5M3DgAMVXsm7CB0KUw6R&is_vtc=1&ocp_id=6j_NZIXmId6S7_UPiqa5iAk&cid=CAQSKQBpAlJWx3ML58hLJFuh6NHjFxGMPQbDJWGyUOWQNe1qTlkQNph7NmBE&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85CJA5iIFTq8D6ihmGIxhOEMdbKS6YpmbMw&random=14128128&ipr=y

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/805503010/?random=2005361030&cv=11&fst=1691172842502&bg=ffffff&guid=ON&async=1&gtm=45He3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&label=JNb-COqwsNcBEKKAjIAD&hn=www.googleadservices.com&frm=0&value=0&auid=1488524696.1691172842&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOE1PeXBnWVFydFhzenVHVjUtU3VBUkltQU9wdUF2UHdCcmdBclZXUnRVNjFUQ3l3NE4wdnNYXzE4Z2VZakdra0txQ3JrVnpFY2VBGlhDaEFJOE1PeXBnWVE2cm00a0x2eTJNUWZFaTRBRzl6d01tNzBxX2NreFR3WS1kU1VqOVJUMEwxQmVHTG1uR2p3OGVyRGE0Z0tkQnlXWGZvYllSNWxaMDFaIhMIhYOj5M3DgAMVXsm7CB0KUw6R&is_vtc=1&ocp_id=6j_NZIXmId6S7_UPiqa5iAk&cid=CAQSKQBpAlJWx3ML58hLJFuh6NHjFxGMPQbDJWGyUOWQNe1qTlkQNph7NmBE&eitems=ChEI8MOypgYQ1oeK6Z63n_fEARIdAD1R85CJA5iIFTq8D6ihmGIxhOEMdbKS6YpmbMw&random=14128128&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.bd3e0b05.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 26ms
13ms Script
application/javascript 2a02:26f0:480:582::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:582::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "6dcfe4ec85689b22c849d9ef7f4b6487"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18133

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 109ms
38ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15829841-1&cid=1756373922.1691172843&jid=1053048572&_u=YGBAgEABAAAAAGAAI~&z=2034686054

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
43ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-15829841-1&cid=1756373922.1691172843&jid=1053048572&_u=YGBAgEABAAAAAGAAI~&z=2034686054

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
857 B 130ms
52ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614279359122&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%22c9a560c74de368dcd2e6ac5544ad12a9afd32584b71a52147303479f726e0408%22%7D&cb=1691172842652&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ced5ce17.1691172842.cb7e4f13
x-envoy-upstream-service-time: 3
content-length: 385
x-pinterest-rid: 1675633591923590
pin-unauth: dWlkPU9EQmpNVFUyWlRRdFpUWXdOeTAwTUdNNUxUZ3dOalF0WVdWbVpqVmlPVFEzWTJRMA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fabfitfun.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 562 B
857 B 133ms
57ms XHR
application/json 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614279359122&cb=1691172842653&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ced5ce17.1691172842.cb7e4f15
x-envoy-upstream-service-time: 11
content-length: 385
x-pinterest-rid: 5036763447429929
pin-unauth: dWlkPU9EZzFNalJtT0dRdE9EUXpaQzAwTmpNNExXSmlOMkV0WWpRMU1UWmpZakF3WkdKaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fabfitfun.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
324 B 126ms
51ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614279359122&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%22c9a560c74de368dcd2e6ac5544ad12a9afd32584b71a52147303479f726e0408%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1691172842655

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ced5ce17.1691172842.cb7e4f16
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1387425011742058
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 26ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CDKQ0W76S0&gtm=45je3820&_p=1478000689&_gaz=1&ul=en-us&sr=1600x1200&cid=1756373922.1691172843&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&dp=%2Fget-the-box%2F&sid=1691172842&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CDKQ0W76S0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 28ms
25ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CDKQ0W76S0&cid=1756373922.1691172843&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CDKQ0W76S0&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 43ms
41ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CDKQ0W76S0&cid=1756373922.1691172843&gtm=45je3820&aip=1&z=698107843

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 26ms
25ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 1698
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: da60ad71-a01e-00f1-2de1-5a0975000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c71aec0d03dc-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/091bf775-529d-4036-a445-3a322675c69c/41c8ab63-b346-46c4-bec9-125ad88c1d34/ 159 KB
30 KB 43ms
43ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091bf775-529d-4036-a445-3a322675c69c/41c8ab63-b346-46c4-bec9-125ad88c1d34/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7530f35d2198d075554b483d4b8bd29890a7f5ec7a0be94acf2ad401f67c9146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 57006
content-md5: MoIMEZvaEyRnAQYOCIm/yg==
content-length: 30020
x-ms-lease-status: unlocked
last-modified: Fri, 19 May 2023 20:05:19 GMT
server: cloudflare
etag: 0x8DB58A45F2FFF20
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 12ab10d4-301e-00dd-5f8d-8a8b48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c71b3df53804-FRA
expires: Sat, 05 Aug 2023 18:14:02 GMT

GET
H2 200 config Show response
app.amped.io/snippet/account_8rrned8/ 46 KB
6 KB 106ms
37ms Fetch
application/json 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/account_8rrned8/config
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: fa83356fe1ba875d10b4252efdcd055132d69f9c160a5ebef2be01438545c93d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: br
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 29
x-powered-by: Express
etag: W/"b73a-cPhPMt93wf/r+l5fGcTsp19y0fQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
x-amz-cf-id: Fp_SaSvdRjDQPYSOkhZEEfXyGUjAyhnKdq-ew1f4s-DqQWIg3boaLA==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
568 B 58ms
57ms Image
image/gif 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614279359122&cb=1691172842790&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22em%22%3A%22c9a560c74de368dcd2e6ac5544ad12a9afd32584b71a52147303479f726e0408%22%2C%22pin_unauth%22%3A%22dWlkPU9EQmpNVFUyWlRRdFpUWXdOeTAwTUdNNUxUZ3dOalF0WVdWbVpqVmlPVFEzWTJRMA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22bd3e0b05%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ced5ce17.1691172842.cb7e4fd2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 4123437216068170
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 10 KB
3 KB 32ms
32ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5722b817ef1be922cf4b0f2cf283236efdb174ce31c3e8a741069350d74cc40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C5modSwSv3cTxm4K+nFUow==
age: 57006
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2625
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:36 GMT
server: cloudflare
etag: 0x8DADC66B8AC108F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f796fa09-001e-013f-01e1-5a296f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c71baead3804-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 63 KB
12 KB 32ms
32ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91b80678c5813dbb5f3fd19c6999b64d7e9b1b85edaff78c0071af1943a798d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LoxrrgKYe9lcX2giOmyp9Q==
age: 75451
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12585
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B9259B2A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 62ba7f7f-101e-014d-08e1-5a5851000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c71baeaf3804-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 33ms
32ms Fetch
text/css 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 72660
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2d40d396-301e-0137-56e1-5a321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f18c71baeb03804-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 24ms
24ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 50528
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2411e4b2-801e-00a2-430e-c5157a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f18c71bed7903dc-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 24ms
24ms Fetch
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 72659
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 46393ec9-601e-0124-2b33-c507fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f18c71c0f4b3804-FRA

GET
H2 200 fff-logo.png
cdn.cookielaw.org/logos/ec5c563a-00b1-470d-8dc2-88ca4037db99/9a88e3f0-37c7-466c-be58-5fc6681c32e0/12915aaf-826a-4834-bf30-0d3dbb017b97/ 6 KB
7 KB 32ms
32ms Image
image/png 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/ec5c563a-00b1-470d-8dc2-88ca4037db99/9a88e3f0-37c7-466c-be58-5fc6681c32e0/12915aaf-826a-4834-bf30-0d3dbb017b97/fff-logo.png

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4b16bd4effe0c5c198218142c1744693a51701b0eb437cb7ce4a0faa90e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WolWaxTTHF6YkQWYmj3Cmg==
age: 19635
content-length: 6550
x-ms-lease-status: unlocked
last-modified: Wed, 24 Mar 2021 18:08:32 GMT
server: cloudflare
etag: 0x8D8EEEFD598BDB0
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e58ef600-b01e-0083-68e1-5a784b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f18c71c1da703dc-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 31ms
31ms Image
image/svg+xml 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Aug 2023 18:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 72855
x-ms-lease-status: unlocked
last-modified: Wed, 02 Aug 2023 03:24:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: da635364-d01e-0010-5b6b-c5ee00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f18c71c1daa03dc-FRA

GET
H2 200 638.bundle.js Show response
app.amped.io/snippet/ 5 KB
3 KB 25ms
24ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/638.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 90aab0730881396779df204831a04ccc34ab402940edd93d34aafba82bfca852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 21:48:41 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 246321
x-powered-by: Express
etag: W/"15e1-lditbp1mcNEaAFedw+Sfi8SLGQ4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: VfDocELo9xLEkpCPpr-A503uJD9cTruz0eTbi8nkG4-l86tSAggeGQ==

GET
H2 200 663.bundle.js Show response
app.amped.io/snippet/ 6 KB
3 KB 27ms
11ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/663.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 3ce4d1851a3e2a7210ef63046bdcbe3cf6885c35b441473b1acc8226c7d8ed9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 04:24:58 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 222544
x-powered-by: Express
etag: W/"172d-oG3BtuEnY4zqF9A3dq42EWSOMa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: QREOpFjKWrkCeRb-YyrKortaoDilKuyWYEmlI8W-tlOmwq4PHaCwiQ==

GET
H/1.1 200
OK tv2track.php
collector-5366.tvsquared.com/ 42 B
276 B 106ms
104ms Image
image/gif 3.143.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-5366.tvsquared.com/tv2track.php?action_name=&idsite=TV-45633636-1&rec=1&r=796324&h=18&m=14&s=2&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&_id=c669018a83650cc6&_idts=1691172843&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=183
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.48.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-143-48-135.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Fri, 04 Aug 2023 18:14:03 GMT
Server: nginx
Connection: keep-alive
Request-Id: e33af9d8-b0b9-4fe7-aca6-1605f7e47307
Content-Length: 42
Content-Type: image/gif

GET
H2 200 502.bundle.js Show response
app.amped.io/snippet/ 6 KB
3 KB 32ms
22ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/502.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 1b5c178beb056b9e623a1b67bce701ae7affc7328c017f2ab6842fa93404d5ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 02:16:25 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 57458
x-powered-by: Express
etag: W/"18ff-dz2iijAjI/1QuOAOjIFYhe05WqY"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: UVFAV-2kQB0qaEaamsnBgK41BBDKX2FcfxO3-LqDT0Lu9VTJAy5zBQ==

GET
H2 200 806.bundle.js Show response
app.amped.io/snippet/ 2 KB
1 KB 24ms
14ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/806.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 2f0057da1a175e92b78369bb9f528803614710cc9287e0d68564b5b7ee82ee1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 18:22:38 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 85885
x-powered-by: Express
etag: W/"782-J+7kWMA1/jGYT1wINsfevIh3aws"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: wNlFHDlRZ4Nog2H5HdFPtxULAR0LqXg_-scx-Ry4cCtgkoWVdCZl1w==

GET
H2 200 410.bundle.js Show response
app.amped.io/snippet/ 3 KB
2 KB 20ms
2ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/410.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 26af7b96b3f646da936c94809fe4019c0b326b5b68d3934ec3cfaedc7f03da40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 03:54:12 GMT
content-encoding: gzip
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 224391
x-powered-by: Express
etag: W/"ad5-OdcQMzwCAUGO3ligq/+W3i/X8M4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: iQ2a6defo8Owfm07JWKNpCIJPnQ35acFUNr89fCRjw6gjPu5m4vOVg==

GET
H2 200 585.bundle.js Show response
app.amped.io/snippet/ 2 KB
1 KB 18ms
18ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/585.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: a54a66682fcc0bc80c067b1e6ca5ae6f2e13e134ce08757a606223425ddabe6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 00:23:03 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 64260
x-powered-by: Express
etag: W/"827-BS2MxvmacMd54qFYB2l2PA5WnTs"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: htzUzW_1q07J_YO8CjNfUnJ7VFALww8G3ZLEXjj07HyKfe75QM4m_w==

GET
H2 200 266.bundle.js Show response
app.amped.io/snippet/ 2 KB
1 KB 22ms
22ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/266.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 3d1b5a8511d6b24dabe2dfd840eb18811fda5f2fe4473f723dfd07f7710a9d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 02:45:20 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 314923
x-powered-by: Express
etag: W/"68e-HX5KFJFaJEQylmbos9zuFd1NWyo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: SBrKdcgAUGDnZztvbrR2XNkHZ-J-9ubfQrh9vzmcRX7eWdJnWI9voQ==

GET
H2 200 8.bundle.js Show response
app.amped.io/snippet/ 7 KB
3 KB 17ms
17ms Script
text/html 13.32.110.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.amped.io/snippet/8.bundle.js
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-22.vie50.r.cloudfront.net
Software: / Express
Resource Hash: 394bdc3537d615423a88454a3231027871a83c31cdddf6a7c5e1ddef0a3319b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 21:56:35 GMT
content-encoding: br
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 159448
x-powered-by: Express
etag: W/"1db6-3ri1ipWfL+fKcjNzkmtCV6tuAVU"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
x-amz-cf-id: PFydeDEPVCQfwokUdwRfCx7uFvWeiuB_fTPRPTK79Er4C3qLQLI-ww==

POST
H2 204 collect Show response
events.tryamped.com/ 0
346 B 389ms
386ms XHR
text/plain 18.165.183.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.tryamped.com/collect
Requested by: Host: app.amped.io
URL: https://app.amped.io/snippet/account_8rrned8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-33.zrh55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Aug 2023 18:14:03 GMT
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
x-amzn-requestid: 59fcd5f5-a841-4969-ad7a-4e5f0b924319
x-amzn-trace-id: Root=1-64cd3feb-78584f3a71717f5f4b24dc92;Sampled=0;lineage=0e9e353e:0
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amz-apigw-id: JJbs6HJ7IAMFYXQ=
x-amz-cf-id: 3fYmfu1bn7RmXotuGBxPCp1Uq9xitYhjl80I7VqIjh-6vQfnSRUNpA==

OPTIONS
H2 200 collect
events.tryamped.com/ Frame 0
0 370ms
289ms Preflight
application/json 18.165.183.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.tryamped.com/collect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-33.zrh55.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://fabfitfun.com
content-length: 1
content-type: application/json
date: Fri, 04 Aug 2023 18:14:03 GMT
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
x-amz-apigw-id: JJbs2HP4oAMF6Fw=
x-amz-cf-id: -9nqGRfVWMyLC76AMiSEhwFsJyCEnhlpjPrY7wtfnrElxIEH1_cBKQ==
x-amz-cf-pop: ZRH55-P1
x-amzn-requestid: e46b3bea-cf3a-47c6-821e-7923c8f58048
x-cache: Miss from cloudfront

GET
H2 200 Dw1RatCFTZXTKvkDxcz1E.json Show response
cdn.optimizely.com/datafiles/ 86 KB
16 KB 437ms
402ms XHR
application/json 2a02:26f0:480:5b0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/Dw1RatCFTZXTKvkDxcz1E.json

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/eddc3998177307ce442f9706bf92719f3fdc326f-335dd3012e5b9365f91c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e1ba1b53707d01f5489e83bff84a6c85b85fa225a5a60fb109f628a3ec481ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: o7gn8_44mQPZLXB8IpYbq6ucerdZvbT6
content-encoding: gzip
date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: W0BWJSD72YFP2KMG
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2697
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=MISS, edge; dur=7, origin; dur=381, cdn;desc="AkamaiION";dur=0,rtt;desc="10";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1691172844001_35115149_1449644312_38745_2734_9_0_219";dur=1
content-length: 15944
x-amz-id-2: 0J9tohBn8Aym71MEcjCxK7G7oFhF43CPBH6RvZaUCDPno7mGZvZgDmrfSVuoKDO7O2npUhOgIS4=
last-modified: Thu, 03 Aug 2023 21:20:27 GMT
server: AmazonS3
etag: "123c17aa320e0456e23de2da293a3ad3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-max-age: 604800
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H/1.1 200
OK iu3 Show response
s.amazon-adsystem.com/ Frame D8C3 556 B
1 KB 106ms
106ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D8fd6a395-1aa2-98df-fd3a-11546d753535%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://fabfitfun.com/get-the-box&ex-hargs=v%3D1.0%3Bc%3D592790219332271385%3Bp%3D8FD6A395-1AA2-98DF-FD3A-11546D753535&cb=534165755425420400

Requested by

Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a53f8e5bc0703f96518431118dcd71e19185da78beb3fb4ad76c68216b3e616a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 556
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 04 Aug 2023 18:14:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: H393MDX9X2DVC0AX6A4C

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 4F30 565 B
581 B 55ms
55ms Document
text/html 23.206.208.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.bd3e0b05.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-208-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.ced5ce17.1691172844.cb7e62f7
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 18:14:04 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1451839144240657

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 27 KB
7 KB 47ms
20ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=668866&u=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&f=1&vn=1.4
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/ba0a0a4ec7e55c349c81e336d83c045feb974c1a-d5e012a64d3fe32164fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 756a5701e5c5930b0807e59cb097016fd9f08d60b4da988eba1ce877bc16062f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1691169338"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ 313 KB
89 KB 55ms
21ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/b69d375a-92852e156849e602a208.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a338f6962758843a42b0a3753bc4c64b3e9edf24c6c13d5c2079c7a37f8fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 6553b2bbd8fca4153c739e94065a1184.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: n4nWs0QJTPokvwY5MFijZknLU9UHyNN_
age: 0
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Aug 2023 10:12:30 GMT
server: cloudflare
etag: W/"1a6f2611c16ccd05360addd7b3baba65"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 7f18c723ba519b2e-FRA
x-amz-cf-id: yk5uo0y4fh78Xsec_GivNWwuLuUnEmu0rq8qp8FeeEQNpi8_VKDu3w==

GET
H2 200 fff-logo
res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Header/ 2 KB
2 KB 87ms
44ms Image
image/webp 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Header/fff-logo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784a48eb8bf25e32cc50465c15a92796f71e9eb2046de3d07dc5caf70d356fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="fff-logo.webp"
server-timing: cld-cloudflare;dur=17;start=2023-08-04T18:14:04.128Z;desc=hit,rtt;dur=10
content-length: 1816
last-modified: Thu, 02 Dec 2021 23:07:09 GMT
server: cloudflare
etag: "28f19028f7ef61e65500d61464064440"
vary: Accept,User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 7f18c723cb459176-FRA
timing-allow-origin: *

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 159ms
21ms Script
application/x-javascript 143.204.231.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=e5b1589c47640df501a3f4a5eccb4bd1
Requested by: Host: fabfitfun.com
URL: https://fabfitfun.com/get-the-box/?planselection=true&coupon_code=thebest&planCode=fffvip&utm_source=crm&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.231.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-231-104.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
content-encoding: gzip
via: 1.1 b0dd57699b1d3b601416c357f037a79a.cloudfront.net (CloudFront)
date: Thu, 03 Aug 2023 23:34:27 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C1
age: 67178
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=86400
x-amz-cf-id: OP6XjaM0_U5J8b__6tdFDe_zVItpD1-vgc6TktnezYXov_2fpx20LQ==

OPTIONS
H/1.1 204
No Content plans
localization-api.fabfitfun.com/api/1/subscription/ Frame 0
0 402ms
97ms Preflight
text/plain 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://localization-api.fabfitfun.com/api/1/subscription/plans
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Fri, 04 Aug 2023 18:14:04 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/7kbHDCgVdd/ 105 KB
29 KB 115ms
43ms Script
text/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/eddc3998177307ce442f9706bf92719f3fdc326f-335dd3012e5b9365f91c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0e7f5eecc58e17df85c5f0b8ca223d04516b526e4070f71c3f1532abbe2b58c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rL4EtDiRa69WpWHbsLi4kWM6GZo_8xPa
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 18:14:04 GMT
x-amz-cf-pop: CDG50-C1
age: 61
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Jun 2023 09:20:11 GMT
server: AmazonS3
etag: W/"23784fc4b7a897126df465f00a753a91"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: CDTBPBpB4mHvjtT1CJsucQpQGO5o2A22_MI15YLmdkjPrCX2xA217w==

GET
H2 200 recurly.js Show response
js.recurly.com/v4/ 413 KB
98 KB 52ms
9ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/b69d375a-92852e156849e602a208.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 760a27df1905957a833c6e5014bcb285d2059ceb38535c6bff2e410ed5598557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:08:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 04 Aug 2023 17:26:04 GMT
server: nginx
age: 346
etag: W/"64cd34ac-67256"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100264

GET
H/1.1 200
OK plans Show response
localization-api.fabfitfun.com/api/1/subscription/ 2 KB
1 KB 397ms
395ms Fetch
application/json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://localization-api.fabfitfun.com/api/1/subscription/plans
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash: e9e1e78ef7f34a6a9161f7609e9c63e510444741bccbb49f32ba464431e32fd2

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 04 Aug 2023 18:14:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 535

GET
H/1.1 200
OK plans Show response
localization-api.fabfitfun.com/api/1/subscription/ 2 KB
1 KB 402ms
98ms XHR
application/json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://localization-api.fabfitfun.com/api/1/subscription/plans
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash: e9e1e78ef7f34a6a9161f7609e9c63e510444741bccbb49f32ba464431e32fd2

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 18:14:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 535

GET
H/1.1 200
OK fffvip Show response
localization-api.fabfitfun.com/countries/by-plan-code/ 5 KB
2 KB 405ms
101ms XHR
application/vnd.fabfitfun.v1+json 34.194.240.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://localization-api.fabfitfun.com/countries/by-plan-code/fffvip
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.240.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-240-189.compute-1.amazonaws.com
Software: /
Resource Hash: 60048cb0f7b15f21735e36e96acc6a4f36c17827faacfd0606f52831357dac84

Request headers

Accept: application/json, text/plain, */*
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 18:14:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v1+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 1237

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 49ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/app-8e4d526986c470976e0c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6c0782fdf85dfd89752bf3c6ebbb75cf63f7a3c891b5f359757eaf9c1632719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 18:14:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 18:14:04 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
305 B 481ms
242ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=a7f4ff6e-8bdb-4d63-b23f-6438c396e8fc&batch_time=1691172844110

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a343a0cd13c7127e1990d4bef9b360f36092dbf89beb490bfbdd1014c7f13f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 586ms
349ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=2faaf8af-ec81-4994-9234-462a23a6195c&batch_time=1691172844113

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

8feb263ba7d07f9eaaff7f2eac8130c4306e729e24b1e5a6176a7d20d866e986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 574ms
339ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=e79d3a45-f5b8-4416-9520-9dc0c4af5c10&batch_time=1691172844115

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

30d5a0714b96a8452a673229f44f29937da6e2f8b7b229da85d6e0e8c2dd0600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 tag-c16f1c364211b68229e8cc02eec3d171.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 179 KB
50 KB 26ms
12ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c16f1c364211b68229e8cc02eec3d171.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=668866&u=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&f=1&vn=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: f2d7b8bf5b83ef5a6bac5bb565ca8a6b6144c0f5362605c294cf5e50c876db39

Request headers

Referer: https://fabfitfun.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 04 Aug 2023 13:54:31 GMT
server: gfra1
etag: "64cd0317-c713"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50963

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 99ms
98ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=668866&d=fabfitfun.com&u=DABD89C333673B04977193A82FB5E9D6F&h=a94dd335bb675d9c040a52e08fb6ef7a&t=false&r=0.15370509208100813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 5f90aeab892e740961596bba Show response
app.launchdarkly.com/sdk/goals/ 2 B
180 B 13ms
9ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f90aeab892e740961596bba

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Aug 2023 18:14:04 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1691172844.219196,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 15

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9 Show response
app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/ 2 KB
818 B 16ms
13ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64083cdda378ca18bc5e6db063bb34e05f4dc9c227f1a9544178979e28d85bf5

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 447
x-served-by: cache-fra-eddf8230104-FRA, cache-fra-eddf8230091-FRA
x-timer: S1691172844.219148,VS0,VE2
etag: "72dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

POST
H2 202 5f90aeab892e740961596bba Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 98ms
97ms XHR
application/json 52.71.237.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f90aeab892e740961596bba

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.71.237.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-237-94.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 200 5f90aeab892e740961596bba
app.launchdarkly.com/sdk/goals/ Frame 0
0 48ms
10ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f90aeab892e740961596bba

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 04 Aug 2023 18:14:04 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1691172844.205215,VS0,VE1

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/ Frame 0
0 48ms
10ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f90aeab892e740961596bba/users/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 04 Aug 2023 18:14:04 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1691172844.205186,VS0,VE1

OPTIONS
H2 204 5f90aeab892e740961596bba
events.launchdarkly.com/events/diagnostic/ Frame 0
0 313ms
102ms Preflight 52.71.237.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f90aeab892e740961596bba

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.71.237.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-237-94.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000

OPTIONS
H/1.1 204
No Content default
content.fabfitfun.com/contents/self/global-footer-v2/ Frame 0
0 405ms
104ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.fabfitfun.com/contents/self/global-footer-v2/default
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Fri, 04 Aug 2023 18:14:04 GMT

GET
H/1.1 200
OK default Show response
content.fabfitfun.com/contents/self/global-footer-v2/ 5 KB
2 KB 376ms
99ms Fetch
application/vnd.fabfitfun.v2+json 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.fabfitfun.com/contents/self/global-footer-v2/default
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: 46b6836cd9b12c11f60222861f0716d0a93d25e027746967965a026429d4f56f

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 04 Aug 2023 18:14:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v2+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 1197

GET
H2 200 widget.js Show response
accessibilityserver.org/ 2 KB
2 KB 71ms
16ms Script
application/javascript 13.32.110.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/247fa8cb-fc347514c2b15b1d1b6f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-34.vie50.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 33435bdf976b70f5b83f066b2884107a2b9d5f799c5fbab4c544b747e63043ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:04:04 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront), 1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1, VIE50-C2
age: 720
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 2501
x-accel-date: 1691159303
x-77-nzt: AcO1qhH5oHT/xQkAAA
last-modified: Fri, 04 Aug 2023 12:15:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4c156224f351eedecc14cd64ad0dcb26
etag: W/"a0057e3829e90808f85f742a6bb951d0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: zOWdEPL2_yeZqGkDkyrdTPIX7JcPP_DkY7xFfzrj3ls_eXdx1QKu_A==

GET
H2 200 fffPactSafe.min.js Show response
abtesting.fabfitfun.com/Shared/assets/js/ 2 KB
1 KB 317ms
95ms Script
application/x-javascript 3.226.22.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://abtesting.fabfitfun.com/Shared/assets/js/fffPactSafe.min.js
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/247fa8cb-fc347514c2b15b1d1b6f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.22.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-22-114.compute-1.amazonaws.com
Software: Apache/2.4.34 /
Resource Hash: a18cff2d451ed9bf8cffa5d68ec1d3328708469aa98ff1a66c9b96d60978f511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 19:15:22 GMT
server: Apache/2.4.34
etag: "68d-5af4adb28d68d-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
accept-ranges: bytes
content-length: 744

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 38ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 04:08:39 GMT
x-content-type-options: nosniff
age: 137125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 04:08:39 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
30 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 04:08:39 GMT
x-content-type-options: nosniff
age: 137125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 04:08:39 GMT

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 100ms
100ms Ping
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=127&account_id=668866&cu=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&combination=3&s=1&sId=1691172844&u=DABD89C333673B04977193A82FB5E9D6F&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221691172844277%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.289&vns=undefined&vno=undefined&eTime=1691172844288&random=0.6282915826668385

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c16f1c364211b68229e8cc02eec3d171.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:03 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 97ms
96ms Ping
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=125&account_id=668866&cu=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&combination=1&s=1&sId=1691172844&u=DABD89C333673B04977193A82FB5E9D6F&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221691172844296%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.289&vns=undefined&vno=undefined&eTime=1691172844296&random=0.742123736060873

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c16f1c364211b68229e8cc02eec3d171.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:03 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 7728 4 KB
5 KB 97ms
97ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D8fd6a395-1aa2-98df-fd3a-11546d753535%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://fabfitfun.com/get-the-box&ex-hargs=v%3D1.0%3Bc%3D592790219332271385%3Bp%3D8FD6A395-1AA2-98DF-FD3A-11546D753535&cb=534165755425420400

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

7bde075b603a6b33d3710c81e7226747d43c2f0bdbc16bcb00abd872d8e4b709

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D8fd6a395-1aa2-98df-fd3a-11546d753535%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://fabfitfun.com/get-the-box&ex-hargs=v%3D1.0%3Bc%3D592790219332271385%3Bp%3D8FD6A395-1AA2-98DF-FD3A-11546D753535&cb=534165755425420400
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 4381
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 04 Aug 2023 18:14:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: QG7V8TSHR0D540K0W1C8

GET
H3 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
30 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 04:08:39 GMT
x-content-type-options: nosniff
age: 137125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 04:08:39 GMT

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:20:39 GMT
x-content-type-options: nosniff
age: 6805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:20:39 GMT

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700,800%7CPlayfair+Display:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fabfitfun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:20:39 GMT
x-content-type-options: nosniff
age: 6805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 16:20:39 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 347ms
208ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=d611bdb7-02fa-4223-a9a0-ed075804692e&batch_time=1691172844305

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

c29aeb627920951e58e9620c120ee606bef9fc80ada4ef9f88fdd3ef942bcaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 52 KB
4 KB 82ms
81ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=668866&settings_type=1&vn=7.0&exc=125|127
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c16f1c364211b68229e8cc02eec3d171.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: af784e605379b4910f8d9aa6b04db32fe15085535d21106abb29b6d7e5ee3641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1691169338"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 104ms
104ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=668866&u=DABD89C333673B04977193A82FB5E9D6F&s=1691172844&p=1&tags={%22si%22:{%22127%22:%223%22,%22125%22:%221%22}}&update=1&cq=0&vn=7.0.289&vns=undefined&vno=undefined&_cu=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source&eTime=1691172844326&random=0.21415288522208753

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/2e8d33a/static/ Frame D2E0 2 KB
977 B 29ms
19ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2e8d33a/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1eaf0a5c29e6118812c0280abcbcaf007d75c4dc52d2a962979ff2727b1d8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 246
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 7f18c7255cba9b2e-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 18:14:04 GMT
last-modified: Fri, 04 Aug 2023 10:12:29 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-id: X4i3bOnRh2HRlOOZIekQM96y53TVk3cMJrFbwsNK2vD9_cVoMaCNDQ==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: nDTWTbwsJAExhgX1xr85g9C4z0Hjtpw.
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9
clientstream.launchdarkly.com/eval/5f90aeab892e740961596bba/ 2 KB
0 124ms
44ms EventSource
text/event-stream 15.197.213.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5f90aeab892e740961596bba/eyJrZXkiOiJhbm9ueW1vdXMiLCJhbm9ueW1vdXMiOnRydWV9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.213.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 1344
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/7kbHDCgVdd/ 12 KB
3 KB 64ms
20ms Fetch
application/json 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/7kbHDCgVdd/settings
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2a83c9ceeb7396a0d125004704f18f5f479933dca64a825d9b26a4ee53edac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Y_p2ADe3pR_MeHPjn3FksuECxvBX28kK
content-encoding: br
via: 1.1 7f5d5e89cfaceb195913fbae292db88a.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 16:11:40 GMT
x-amz-cf-pop: CDG50-C1
age: 7345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Jul 2023 22:57:50 GMT
server: AmazonS3
etag: W/"ea671aa64902e5e92e1b983271b917dd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: fifMqILtmZo7014DX5cwmychoEdJgBUuLmYCP3wid_bvLFC-a2nAVw==

GET
H2 200 widget_app_base_1691151119488.js Show response
cdn.userway.org/widgetapp/2023-08-04/ 133 KB
39 KB 67ms
11ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-08-04/widget_app_base_1691151119488.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 25eb882b611b92a3d14efac8ccf6d090d4c0e2ed2a77aba20c5743b21c7d96bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 20862
x-accel-date: 1691151982
x-77-nzt: AcO1rw5H1Jn/flEAAA
x-accel-expires: @1717071982
last-modified: Fri, 04 Aug 2023 12:14:57 GMT
server: CDN77-Turbo
etag: W/"36c0a58fcdc4a3b92ee699adae8507af"
x-77-nzt-ray: 90833930d2cd68bfec3fcd64a6f8861c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: vrQgVICSTRA3_KZ9J2PoADrfslXFUYJje5PqxxnLaPiT6Oid92uXww==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=216853104598003952496&ex=neustar.biz

43 B
479 B

106ms
106ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=216853104598003952496&ex=neustar.biz

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZHPJZ0975G07SMAJT224
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:04 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=216853104598003952496&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=82565a6a9e2976ccca6e1bab23e0000d

43 B
479 B

105ms
100ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=82565a6a9e2976ccca6e1bab23e0000d

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FEBXKYT2CFVAY407EE3P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=82565a6a9e2976ccca6e1bab23e0000d
date: Fri, 04 Aug 2023 18:14:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

198ms
100ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0G48G0HXZFFEPJSFGD73
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Fri, 04 Aug 2023 18:14:04 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET sync
t.myvisualiq.net/ Frame 7728 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=dda8c044b1fa46aa8c2e68b8c6b6a92b

43 B
479 B

133ms
101ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=dda8c044b1fa46aa8c2e68b8c6b6a92b

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AXXMMNHHKMVQQSZ0DY7K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=dda8c044b1fa46aa8c2e68b8c6b6a92b
date: Fri, 04 Aug 2023 18:14:04 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58725/ Frame 7728
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

0
125 B

80ms
15ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
content-type: text/html
cache-control: no-store
content-length: 355

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=a5dd2ca01ec2c8f846e9bdd4ef7a875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

195ms
99ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=a5dd2ca01ec2c8f846e9bdd4ef7a875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P9B74ATXCVT1C4JS9T68
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=a5dd2ca01ec2c8f846e9bdd4ef7a875&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1691172844695007-331
Expires: Fri, 04 Aug 2023 18:14:04 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

131ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P138F7JWFEE41BV236ZK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=NY192RY5FHQQ7JMW96GH:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: NY192RY5FHQQ7JMW96GH
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: HpefRkMkxMUSQcXrQOZt36AhfZ2ovfHCZ6vLY8ULaMKZ4x1A3pO61g==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=6723c115-aa48-417d-b1cd-b4ced265ec85&ex=improvedigital.com

43 B
479 B

228ms
110ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6723c115-aa48-417d-b1cd-b4ced265ec85&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PF28N24ARP6JZTQQMXEY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=6723c115-aa48-417d-b1cd-b4ced265ec85&ex=improvedigital.com
access-control-allow-origin: *
date: Fri, 04 Aug 2023 18:14:04 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 7728 0
186 B 161ms
102ms Image
text/plain 35.158.34.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.158.34.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-34-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:04 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=119daa0c5fda39532

43 B
479 B

127ms
100ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=119daa0c5fda39532

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V6WFSJ6XN3T9VKSJH8B3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 04 Aug 2023 18:14:04 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=119daa0c5fda39532
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=T-CZ62YHSOK2R-gh-85MQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=T-CZ62YHSOK2R-gh-85MQA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75645220879895921461528191126340109121

43 B
479 B

107ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75645220879895921461528191126340109121

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 044BZ8NFFWBH8H76NN7K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v050-08fbac455.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: l13s5n/cQxo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=75645220879895921461528191126340109121
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame 7728 42 B
213 B 57ms
20ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=7tza9ZR0SE6pYwb9RCg4sQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8134436932547714999

43 B
479 B

99ms
99ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8134436932547714999

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1SGHENKRSRTNVJ56D9Y7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=8134436932547714999
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET partner
sync.search.spotxchange.com/ Frame 7728 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%225fbb22bf-633c-4f06-bdca-48b76836a319%22,%22Time%22:%2220230804T181404.910549%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=5fbb22bf-633c-4f06-bdca-48b76836a319

43 B
479 B

104ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=5fbb22bf-633c-4f06-bdca-48b76836a319

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YGTSWYX6EAKDR9RAEVXE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=5fbb22bf-633c-4f06-bdca-48b76836a319
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESENxwm_vn6yalmHI3qpmxleQ&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENxwm_vn6yalmHI3qpmxleQ&gdpr=0&action=GET_ID&etid=&domid=1109
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESENxwm_vn6yalmHI3qpmxl...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5279836834366819884&opid=apx&ops=&utidl=tech:goo:CAESENxwm_vn6yalmHI3qpmxleQ&gdpr=0&action=GET_ID&etid=&domid=1109
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec%3A46854836285&gdpr=0

43 B
479 B

100ms
99ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec%3A46854836285&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EY80Q6CQCG922EZ0B2MN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec%3A46854836285&gdpr=0
date: Fri, 04 Aug 2023 18:14:05 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJu_9L7sWz0msZOjfdvpn8I&google_cver=1

43 B
479 B

101ms
101ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJu_9L7sWz0msZOjfdvpn8I&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BJJZXP57KYWE8GJHMTRZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJu_9L7sWz0msZOjfdvpn8I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8da43d18ea029c1c7d6b58c4c221a4d1

43 B
479 B

105ms
100ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8da43d18ea029c1c7d6b58c4c221a4d1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MB94KB3STQQ7TKMRX1C9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=8da43d18ea029c1c7d6b58c4c221a4d1
content-length: 0
x-amz-cf-id: PzpUAGxC6SdJ7ZQ3X9P-LXK8rJTfL-U3LF-PBbm-HAQlgtc4PcCi3Q==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7728 43 B
304 B 61ms
21ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:05 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=LZ8I3bN0mH4lRMWY1JuQvzc4ZF84ZgAC

43 B
479 B

104ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LZ8I3bN0mH4lRMWY1JuQvzc4ZF84ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MMHD0DJ1NND1607ASZ40
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LZ8I3bN0mH4lRMWY1JuQvzc4ZF84ZgAC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=64DD25643D4F29C1

43 B
479 B

134ms
134ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=64DD25643D4F29C1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BZJQ02T4XNQY519G5DSE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:18 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=64DD25643D4F29C1
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=5279836834366819884&ex=appnexus.com

43 B
479 B

107ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5279836834366819884&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NR8SKFESFW6H5BTR1NPY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:05 GMT
an-x-request-uuid: 78436148-1524-41c0-9569-98514c015d97
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?id=5279836834366819884&ex=appnexus.com
x-proxy-origin: 81.95.5.44; 81.95.5.44; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=aG9vu5aL0clvY2gU8WcYUMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

99ms
99ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=aG9vu5aL0clvY2gU8WcYUMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F1F1M7CB0A3YW3BXKR9K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=aG9vu5aL0clvY2gU8WcYUMWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
loadus.exelator.com/load/ Frame 7728 0
324 B 160ms
28ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_bsw_bk_n-visualiq_n-telaria_gem_fw_imdb_n-improvedigital2_n-lucid_n-samba.tv_adelphic_adb_mp_af_sx_n-sk_n-mediarithmics_g_n-comscr.com_ox_index_n-semasio-ecm_an_rb_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&dmt=3&ep=-vMqxXDgQcCUuzI89-3P0to0klRj89po8j56c6cAaRtW8do8NqKuRBYM2azzcKzu_LSejduxSrDBJczok9BxF3UOPcwrysP4c1EA_k0GXuo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2DED3FCD645234273C02A83B91

43 B
479 B

104ms
104ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2DED3FCD645234273C02A83B91

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3A2JQ0BFZGW3R85GH6WJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 04 Aug 2023 18:14:05 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=CB914F2DED3FCD645234273C02A83B91
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Fri, 04 Aug 2023 18:14:04 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=19c3cd0ea7b1836f41737e4f5749670c26115956a475cb1ab23f2e3f0d2f10a9

43 B
479 B

108ms
107ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=19c3cd0ea7b1836f41737e4f5749670c26115956a475cb1ab23f2e3f0d2f10a9

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E4R6BMXMS4ZPT5JVFYE9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:05 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=19c3cd0ea7b1836f41737e4f5749670c26115956a475cb1ab23f2e3f0d2f10a9
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CD5193FD-5FC9-46D0-A633-A21D3AE058CC

43 B
479 B

98ms
98ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CD5193FD-5FC9-46D0-A633-A21D3AE058CC

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NX5YCA97E8BSVJ1F8RPD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=CD5193FD-5FC9-46D0-A633-A21D3AE058CC
date: Fri, 04 Aug 2023 18:14:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7728
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=eb0bb6b5-4395-4766-b28e-796774dba790-tuctbc6c56d

43 B
479 B

109ms
109ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=eb0bb6b5-4395-4766-b28e-796774dba790-tuctbc6c56d

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 18:14:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AEKWV7182DK1DCCCWK5J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=eb0bb6b5-4395-4766-b28e-796774dba790-tuctbc6c56d
date: Fri, 04 Aug 2023 18:14:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19921

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame 85FC 1 KB
1 KB 42ms
13ms Document
text/html 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/field.html
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600,s-maxage=3600
content-length: 1268
content-type: text/html
date: Fri, 04 Aug 2023 17:20:21 GMT
etag: "64c9499a-4f4"
last-modified: Tue, 01 Aug 2023 18:06:18 GMT
server: nginx
via: 1.1 google

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame 4827 1 KB
1 KB 37ms
14ms Document
text/html 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/field.html
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600,s-maxage=3600
content-length: 1268
content-type: text/html
date: Fri, 04 Aug 2023 17:20:21 GMT
etag: "64c9499a-4f4"
last-modified: Tue, 01 Aug 2023 18:06:18 GMT
server: nginx
via: 1.1 google

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame FDCD 1 KB
1 KB 31ms
14ms Document
text/html 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/field.html
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600,s-maxage=3600
content-length: 1268
content-type: text/html
date: Fri, 04 Aug 2023 17:20:21 GMT
etag: "64c9499a-4f4"
last-modified: Tue, 01 Aug 2023 18:06:18 GMT
server: nginx
via: 1.1 google

GET
H2 200 field.html Show response
api.recurly.com/js/v1/ Frame AE9C 1 KB
1 KB 22ms
13ms Document
text/html 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/field.html
Requested by: Host: js.recurly.com
URL: https://js.recurly.com/v4/recurly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c

Request headers

Referer: https://fabfitfun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600,s-maxage=3600
content-length: 1268
content-type: text/html
date: Fri, 04 Aug 2023 17:20:21 GMT
etag: "64c9499a-4f4"
last-modified: Tue, 01 Aug 2023 18:06:18 GMT
server: nginx
via: 1.1 google

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2e8d33a/ Frame D2E0 313 KB
89 KB 23ms
21ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2e8d33a/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2e8d33a/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a338f6962758843a42b0a3753bc4c64b3e9edf24c6c13d5c2079c7a37f8fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/2e8d33a/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 6553b2bbd8fca4153c739e94065a1184.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: n4nWs0QJTPokvwY5MFijZknLU9UHyNN_
age: 248
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Aug 2023 10:12:30 GMT
server: cloudflare
etag: W/"1a6f2611c16ccd05360addd7b3baba65"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 7f18c7263dbc9b2e-FRA
x-amz-cf-id: yk5uo0y4fh78Xsec_GivNWwuLuUnEmu0rq8qp8FeeEQNpi8_VKDu3w==

OPTIONS
H/1.1 204
No Content seasonal
customize-api.fabfitfun.com/customize/current/ Frame 0
0 402ms
97ms Preflight
text/plain 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customize-api.fabfitfun.com/customize/current/seasonal
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Fri, 04 Aug 2023 18:14:04 GMT

GET
H/1.1 200
OK seasonal Show response
customize-api.fabfitfun.com/customize/current/ 481 B
894 B 826ms
542ms Fetch
application/vnd.fabfitfun.v1+json 54.227.212.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customize-api.fabfitfun.com/customize/current/seasonal
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.212.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-212-212.compute-1.amazonaws.com
Software: /
Resource Hash: 558feae7cfc7d44fc58e8a86202e4531b59c7efc1406a2e10dae41122c3f40a3

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 04 Aug 2023 18:14:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH
Content-Type: application/vnd.fabfitfun.v1+json
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With, fff-auth, apikey, redirect-url, hcaptcha-token, ASSIGNMENT_REGULAR_FLOW
Content-Length: 269

GET
DATA 200
OK truncated
/ 56 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 336b9bf639c8ba0eca42da49d8d3d3b7885509abfc45ed8537996f7ba65fb3a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 checkout-secure
res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_42,w_100/f_auto/q_auto/v1/prod/gtb/Form/ 3 KB
3 KB 39ms
38ms Image
image/webp 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/c_scale,dpr_2.0,h_42,w_100/f_auto/q_auto/v1/prod/gtb/Form/checkout-secure

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56cd065913e65d2faba6615b1814bb618aa9d8e20ab415d487487bd0d28dc645

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="checkout-secure.webp"
server-timing: cld-cloudflare;dur=14;start=2023-08-04T18:14:04.539Z;desc=hit,rtt;dur=10
content-length: 3334
last-modified: Fri, 28 Jan 2022 19:54:10 GMT
server: cloudflare
etag: "69e2d14ba1bb5bd4c65535806b28da27"
vary: Accept,User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 7f18c7265e5c9176-FRA
timing-allow-origin: *

GET
H2 200 chevron.png
res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/ 654 B
827 B 36ms
35ms Image
image/webp 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/chevron.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84daa56e647b81934364aad5d750e9981bed70a3b69d4adb091378468c96d9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="chevron.webp"
server-timing: cld-cloudflare;dur=12;start=2023-08-04T18:14:04.545Z;desc=hit,rtt;dur=10
content-length: 654
last-modified: Wed, 01 Dec 2021 01:11:50 GMT
server: cloudflare
etag: "d35cfc70c344183636dfb4d2c9645233"
vary: Accept,User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 7f18c7265e649176-FRA
timing-allow-origin: *

GET
H2 200 chevron-disabled.png
res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/ 656 B
858 B 35ms
34ms Image
image/webp 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/q_auto,f_auto/v1638321059/prod/gtb/Form/chevron-disabled.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96179687fd74e6a3f6f7187f01d183a4d00ee25f491a741a78c3766e453e0691

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="chevron-disabled.webp"
server-timing: cld-cloudflare;dur=13;start=2023-08-04T18:14:04.542Z;desc=hit,rtt;dur=10
content-length: 656
last-modified: Wed, 01 Dec 2021 01:11:50 GMT
server: cloudflare
etag: "f71954245d89dff4c77ffc6afca92d12"
vary: Accept,User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 7f18c7265e659176-FRA
timing-allow-origin: *

GET
H3 200 info Show response
api.recurly.com/js/v1/risk/ 105 B
127 B 148ms
121ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/risk/info?version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6604083ae71cc792724fc7044fad943a093c8f92616af02eb1b336a1c2995f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
server: nginx
etag: W/"6604083ae71cc792724fc7044fad943a"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 105
x-request-id: 68d74f21-01ca-460e-94f0-1daf52d8cd52

POST rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H3 200 fffvip Show response
api.recurly.com/js/v1/plans/ 2 KB
2 KB 165ms
164ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/plans/fffvip?version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d8a00d17771d29140841bf23c7e21d86b08a4954a94f4af2f6b65ddf6656a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
server: nginx
etag: W/"1d8a00d17771d29140841bf23c7e21d8"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300,public
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 2267
x-request-id: e46a2bce-3516-4fdf-a961-d129ee7f6744

GET
H2 200 bg-wave
res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Plans/ 1 KB
1 KB 53ms
52ms Image
image/webp 2606:4700::6813:a641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/fabfitfun/image/upload/f_auto/q_auto/v1/prod/gtb/Plans/bg-wave

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

320c349e996c332ecd165bfe2c49114a75bf4e33e933ba88839d3a6e93c569f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="bg-wave.webp"
server-timing: cld-cloudflare;dur=27;start=2023-08-04T18:14:04.667Z;desc=hit,rtt;dur=11
content-length: 1164
last-modified: Wed, 01 Dec 2021 01:43:00 GMT
server: cloudflare
etag: "4511a97bedaa76476066a01b0539fce9"
vary: Accept,User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
cf-ray: 7f18c7272f619176-FRA
timing-allow-origin: *

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 102ms
102ms XHR
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=71006b84-cedd-4790-939c-a25b55352337&batch_time=1691172844661

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

cafaa624170b96f1fc947a59c1b51c7a2b00c2f1df6b9268ebe255e9dafa51ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 fffvip Show response
api.recurly.com/js/v1/plans/ 2 KB
2 KB 124ms
124ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/plans/fffvip?version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d8a00d17771d29140841bf23c7e21d86b08a4954a94f4af2f6b65ddf6656a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
server: nginx
age: 0
etag: W/"1d8a00d17771d29140841bf23c7e21d8"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300,public
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 2267
x-request-id: e46a2bce-3516-4fdf-a961-d129ee7f6744

POST rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0

GET
H3 200 fffvip Show response
api.recurly.com/js/v1/plans/ 2 KB
2 KB 123ms
122ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/plans/fffvip?version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d8a00d17771d29140841bf23c7e21d86b08a4954a94f4af2f6b65ddf6656a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
server: nginx
age: 0
etag: W/"1d8a00d17771d29140841bf23c7e21d8"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300,public
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 2267
x-request-id: e46a2bce-3516-4fdf-a961-d129ee7f6744

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame AE9C 580 KB
166 KB 11ms
10ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/hosted-field/v1/hosted-field.js
Requested by: Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33a9723f01b1a41b068eadd5594a8ebcbea84a40d3ebe2e8fff8def38bbd6bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:17:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 26 Jul 2023 11:33:49 GMT
server: nginx
age: 3402
etag: W/"64c1049d-90fee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169703

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame 85FC 580 KB
166 KB 24ms
23ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/hosted-field/v1/hosted-field.js
Requested by: Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33a9723f01b1a41b068eadd5594a8ebcbea84a40d3ebe2e8fff8def38bbd6bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:17:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 26 Jul 2023 11:33:49 GMT
server: nginx
age: 3402
etag: W/"64c1049d-90fee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169703

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame 4827 580 KB
166 KB 21ms
20ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/hosted-field/v1/hosted-field.js
Requested by: Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33a9723f01b1a41b068eadd5594a8ebcbea84a40d3ebe2e8fff8def38bbd6bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:17:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 26 Jul 2023 11:33:49 GMT
server: nginx
age: 3402
etag: W/"64c1049d-90fee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169703

GET
H2 200 hosted-field.js Show response
js.recurly.com/hosted-field/v1/ Frame FDCD 580 KB
166 KB 14ms
14ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/hosted-field/v1/hosted-field.js
Requested by: Host: api.recurly.com
URL: https://api.recurly.com/js/v1/field.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 33a9723f01b1a41b068eadd5594a8ebcbea84a40d3ebe2e8fff8def38bbd6bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.recurly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:17:22 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 26 Jul 2023 11:33:49 GMT
server: nginx
age: 3402
etag: W/"64c1049d-90fee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169703

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 25ms
25ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 04:24:57 GMT
x-amz-version-id: ZPEMxUW7Ll9WtSZnscT_xiwSdZ8HfVdH
content-encoding: br
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C1
age: 3678548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 23 Jun 2023 04:05:30 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Shhv5uDgc7qQgAPMr7v7ZpnZG3ufE0Vu0Jh2ZUsCpo9aqVinXZTrzQ==

POST
H2 200 jcEETxr6Cv Show response
api.userway.org/api/tunings/ 2 KB
2 KB 524ms
166ms XHR
application/json 2600:1f14:5db:eb11:8dc0:e41:8a28:dbed
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/jcEETxr6Cv
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:8dc0:e41:8a28:dbed Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 03b30807a83cd160bbf21c057814912b950c6018e1bd60ad9a6212a1658b22b6

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
etag: W/"644-GMHejy0dpCSTFlpu3Hg0RDtOzUA"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usra590fd10d121476
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1604
x-service-version: uw-pr

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 140ms
140ms XHR
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=bd9689ac-51c7-4506-b29f-af0a4de3fd9e&batch_time=1691172844729

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

429b301da9e30a958af9815dbd66d25b071342cb5e8c4e998d38e45a22cbed75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 115ms
114ms XHR
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=5f4b3853-02ad-40be-a28b-ccdaef3b144d&batch_time=1691172844729

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

501ec107c9d539b71a6146cea55b1a897599f7b7ca3da791d534da740383ca97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 200 checksiteconfig Show response
hcaptcha.com/ Frame D2E0 682 B
879 B 53ms
38ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=2e8d33a&host=fabfitfun.com&sitekey=2fdab357-c1b1-4911-882f-610c4f6676a5&sc=1&swa=1&spst=0

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2e8d33a/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d149ac4c38a581ee5e0fbb1ae48f092a22bbdd7a7bba4b3fc89d18b9962a29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 7f18c727cf939b2e-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
alt-svc: h3=":443"; ma=86400

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 24ms
24ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 14:20:15 GMT
x-amz-version-id: aBv_PTxC.233EM9lKpoZanC9pnWI7oim
content-encoding: br
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C1
age: 1050830
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 23 Jul 2023 12:07:40 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Jx_9tjUHo4Ppqks50woyGH2gczmSwNjOkYQy3JJTNMsTrmpSsS_-gA==

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 173ms
172ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=318b9d28-eec2-42e7-a067-f30fe6bd1029&batch_time=1691172844841

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

d9d1c850dcb364718e71287366a527bc8fc212e9cb47efbf195ddc4375acafda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 143ms
142ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=80aa0774-e0f2-4447-8920-9c87d32dfb6e&batch_time=1691172844906

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

6008da0f4177893357298e2f9e64723bfe1688e9656325850cd4a1a16864614f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 thebest Show response
api.recurly.com/js/v1/coupons/ 364 B
386 B 127ms
127ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/coupons/thebest?plan_codes[0]=fffvip&version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 766fb94807dc6902e084f4ba6796d53e2fe019b664550a7591cca84b19fe375e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:04 GMT
via: 1.1 google
server: nginx
etag: W/"766fb94807dc6902e084f4ba6796d53e"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 364
x-request-id: f5db42e9-24e9-4b6d-853b-905b04f7c62f

GET
H3 200 thebest Show response
api.recurly.com/js/v1/coupons/ 364 B
386 B 243ms
243ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/coupons/thebest?plan_codes[0]=fffvip&version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 766fb94807dc6902e084f4ba6796d53e2fe019b664550a7591cca84b19fe375e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 google
server: nginx
etag: W/"766fb94807dc6902e084f4ba6796d53e"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 364
x-request-id: 5249ee69-0b30-46b2-ae40-fca17c759588

GET
H2 200 amplitude.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 9 KB
4 KB 19ms
18ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 23:59:44 GMT
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-version-id: vjZeycWoWFmmXdzijuaNvGXJejTo_QeB
x-amz-cf-pop: CDG50-C1
age: 5076861
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3181
last-modified: Wed, 03 May 2023 11:04:44 GMT
server: AmazonS3
etag: "949376aa55c1e7a26572d64a97dbe296"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: QdUW2iYb6bbQKuqs72R5v2LivqrmjOgBgTcdwUVQ1hoaQXACbFcjbw==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 19ms
19ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8177e6b6d34fc7ea9324821e4dbfe5666243cdf8fccfb4d5ea94197488b233e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 12:52:35 GMT
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-version-id: LNXJDDdq856loytbsn9zSSN6W.5VQIai
x-amz-cf-pop: CDG50-C1
age: 8313690
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3272
last-modified: Wed, 19 Apr 2023 09:48:13 GMT
server: AmazonS3
etag: "bd22ed639222dbd150ce8ee07b6a344f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: vJ4JQeyLwJDAvj5MkAvUfetVprfu8T-JTV4-LaqLGRoPxFyWY4hQww==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 4 KB
2 KB 19ms
19ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdeff8f4b85d1358a45ecd2f233d99f493bc36db0108098e406057c3a852f714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:08:58 GMT
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-version-id: U5kMB2x0RgygYxtg2_nEHJV0aGmgVpTH
x-amz-cf-pop: CDG50-C1
age: 9180307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1655
last-modified: Wed, 19 Apr 2023 09:48:13 GMT
server: AmazonS3
etag: "b04d6abd606efeb8fa551a315a5b4e2a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: I9FkucH4wmltWxq250dw6rza188K4ifq3Gao_YpflnbcfZzlRNsmrw==

GET
H2 200 optimizely.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/ 7 KB
3 KB 20ms
19ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/optimizely/3.5.1/optimizely.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 644cf4035cd10ea86ef7eb30c06ff039dda60efb5ffe00022de69521d6ffa97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:07:36 GMT
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-version-id: dl.I.d2l7B0uAQsCTiWsewcDasSKX4B.
x-amz-cf-pop: CDG50-C1
age: 9180389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2588
last-modified: Wed, 19 Apr 2023 09:48:13 GMT
server: AmazonS3
etag: "078d355b7221ed5700acefc344e8aff5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: GJbR1LcMOHLMx2ICWkdwqjcjWvAikOauVADm2pfsKYi_0K-y8ihBPA==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f27ce19e9a4d161e1dac159a428d23ce1108c1a62900f47fed4d09e69b23333

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK fa-arrow-right.svg
s3.amazonaws.com/dev-abtesting-assets/winter_master_2020/img/ 1 KB
2 KB 414ms
119ms Image
image/svg+xml 52.216.210.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/dev-abtesting-assets/winter_master_2020/img/fa-arrow-right.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1c1a268fd355da5205bb049f753b73a62793eda57394dab70e8d5982bd499692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 18:14:06 GMT
Last-Modified: Fri, 16 Oct 2020 19:05:22 GMT
Server: AmazonS3
x-amz-request-id: BD1CA73EW3A6B6MA
ETag: "02e2d6fbdbd8d3205c022d94bee75fbe"
Content-Type: image/svg+xml
Content-Disposition: attachment
Accept-Ranges: bytes
Content-Length: 1144
x-amz-id-2: qTDB0Idtw+e0roUo4EgIohMlpN0v/OUgCmO3bRS8D7p3OmWQ0Lsn5IJzNX5uCEY4sfcjr/B90bw=

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b22f24095cebf04cc720b33497fa7e4e6f17c20f5373c620e934ef3fc9217e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70d5e2f3da8ebb1d896cc0d6891ab3a124ebce6cd7feb3519d24d11c68164b84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3c32a8c6f75d7f2dc3c8bcbfcdf8dc6bebd5a5114e8ccf29cf22ed7036f0bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceaeb4a3d3c3a91bf23669b7d72284a1167f9850c7673a004dec6d0247133abd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fc92abb9815563690cd472d891ec96e3d3a7d3e6e173131ab836679bd3bbe5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e16853aed2895cb808fee0d4fc80d7a892e5a5af7a2e93a67cda475786888a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8c01b515cb6ffd2461538fc77cd87cfdf4de674385f665462d82be1c3cb5ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 38ms
38ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 23:33:51 GMT
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-version-id: _CDAHRpSMnFhUQgRIVvCIby4N2cITv0X
x-amz-cf-pop: CDG50-C1
age: 8793615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 17 Apr 2023 06:44:02 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: IPKbTPAeSGkAq6LXTIqNbMzStv42BUDQyovpMGEReHuF9pS-hQitOQ==

GET
H2 200 commons.568acceb1c0f167d77bb.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 40ms
40ms Script
application/javascript 99.86.90.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.568acceb1c0f167d77bb.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7kbHDCgVdd/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-90-76.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f96c128bce5e606e056a4ef23a17cad7a9bb0775713a62587f9f038501ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 10 May 2023 13:12:08 GMT
content-encoding: gzip
via: 1.1 8550fccb865aec06cbc12a054e9c2728.cloudfront.net (CloudFront)
x-amz-version-id: FbGdocEoWUpqKqPOxCWiE3PgBsiq0HkD
x-amz-cf-pop: CDG50-C1
age: 7448518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22236
last-modified: Wed, 19 Apr 2023 09:48:11 GMT
server: AmazonS3
etag: "5cc5b9bd3e22776a89fc7636504eae5e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: z9gdO6NqEU7x2wKiOT8tGwOiSUgd-UTnKGkzbS8ambJqKI_EVHh7cg==

GET
H3 200 thebest Show response
api.recurly.com/js/v1/coupons/ 364 B
386 B 190ms
190ms XHR
application/json 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.recurly.com/js/v1/coupons/thebest?plan_codes[0]=fffvip&version=4.25.7&key=ewr1-ycpV9efu2sbESBV83SpnqM&deviceId=cNeWdFdl82rthinC&sessionId=zBoEJjYUeN3ploeO&instanceId=4saDES8xicd3wYqA
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 766fb94807dc6902e084f4ba6796d53e2fe019b664550a7591cca84b19fe375e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 google
server: nginx
etag: W/"766fb94807dc6902e084f4ba6796d53e"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Type, Origin, User-Agent, X-Requested-With
content-length: 364
x-request-id: 49c218c3-8186-49b0-8560-63e30b574450

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 73ms
25ms Script
application/javascript 108.138.198.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.198.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-198-2.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 22:48:04 GMT
content-encoding: gzip
via: 1.1 8b43c21f9c34b66c25937255407175e0.cloudfront.net (CloudFront)
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop: MXP64-P2
age: 2229962
x-cache: Hit from cloudfront
content-length: 17889
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7oViosGo74PYPLL9BuKVuPGB9MeGBIBANaSMrbeLxFBRtgmur7pxFA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.568acceb1c0f167d77bb.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Aug 2023 18:14:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: CMKqsM5S/qo71N3cxtFwp0G3NF97BjcDnLKMuSncEf2yMFqbVFYnskVA2JsFns9nNFUm1LwWD3lzRExBVJNbBA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
70 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-805503010

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.568acceb1c0f167d77bb.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39489d5c658ef5201fd0aee275159ac9f986acdffe2deb3eadeb3e05aa9db1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 18:14:05 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
172 B 558ms
185ms Fetch
application/json 34.223.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-74-168.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fabfitfun.com
date: Fri, 04 Aug 2023 18:14:05 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 104ms
102ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=989de357-78b5-4668-a366-42e97da88581&batch_time=1691172845133

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a6e252d26d78e1c30e2bc88533df0df63d44633918a3d81588f4464f89cdc304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/ 3 KB
1 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805503010/?random=1691172845162&cv=11&fst=1691172845162&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&hn=www.googleadservices.com&frm=0&tiba=FabFitFun%20-%20Beauty%2C%20Fitness%2C%20Lifestyle&auid=1488524696.1691172842&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-805503010

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21327e5fce0fb9c980e24d540b4d39d13d96818152b0606824b197e32850d5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1404
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 409241942540187 Show response
connect.facebook.net/signals/config/ 383 KB
109 KB 80ms
79ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/409241942540187?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e46e8e829dd4d1418d170ea0b3bec62aff57201836eab73b1745f91865d96bfa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Aug 2023 18:14:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ObMf0hcbKo7xq+8fXlHC5fmGouh3FbT6kTUCPM2+huGLo3MfUYhXrHp921cbYkqZbcFhzFrmURXznZxwXPCM9g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/805503010/ 42 B
108 B 23ms
22ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/805503010/?random=1691172845162&cv=11&fst=1691172000000&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&frm=0&tiba=FabFitFun%20-%20Beauty%2C%20Fitness%2C%20Lifestyle&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1204501805&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/805503010/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/805503010/?random=1691172845162&cv=11&fst=1691172000000&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&frm=0&tiba=FabFitFun%20-%20Beauty%2C%20Fitness%2C%20Lifestyle&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1204501805&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-08-04-12-11-59/locales/ 497 B
919 B 24ms
7ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-08-04-12-11-59/locales/en-US.json
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 890f5d6859bb913dc2935ad99403a1fe79e9a26b83def87e97c1b413a34efbef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 31
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 20830
x-accel-date: 1691152015
x-77-nzt: AcO1rw58xWL/XlEAAA
x-accel-expires: @1717072015
last-modified: Fri, 04 Aug 2023 12:14:56 GMT
server: CDN77-Turbo
etag: W/"a42e1bd18cbcb1cd41143b86100e120d"
x-77-nzt-ray: 90833930b2cdf7d2ed3fcd640a372810
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: MOGkCFiUKZkOsezL4MjsoPT__y9w-4uFmNpz0CAdDqSTf5aYkBLvfA==

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
304 B 149ms
148ms Fetch
application/json 2600:1f18:24e6:b900:d898:d22b:959b:4d36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=18277eea-cd24-4e01-a5f9-0c7d808c3095&batch_time=1691172845303

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d898:d22b:959b:4d36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

625857ad3e946174bc0e4b5d32e741ac1463d2376a21b71d874a6631482ab6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 18:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 41ms
12ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=PageView&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&rl=&if=false&ts=1691172845314&sw=1600&sh=1200&v=2.9.121&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1691172845311.952065462&cs_est=true&it=1691172845192&coo=false&dpo=&eid=ajs-next-1eca69dab7d6cefbb31b77abd35acdb2&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Aug 2023 18:14:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H/1.1 200
OK events
logx.optimizely.com/v1/ Frame 0
0 476ms
149ms Preflight
text/plain 52.3.93.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.93.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-93-213.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Fri, 04 Aug 2023 18:14:05 GMT
Server: nginx/1.21.0
X-Request-Id: cd199686-fc89-428f-a391-e3a3546f2cdc

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
358 B 105ms
103ms XHR
text/plain 52.3.93.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.93.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-93-213.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fabfitfun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 04 Aug 2023 18:14:05 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://fabfitfun.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 72354e66-06a5-4047-afe4-04c2b82ca49c

GET
H2 200 remediation_1691151119488.js Show response
cdn.userway.org/widgetapp/2023-08-04/remediation/ 154 KB
41 KB 26ms
25ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-08-04/remediation/remediation_1691151119488.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-08-04/widget_app_base_1691151119488.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 13f6411b6f25fa7c3bbaa10e365b6acdf8dea83d65215cf1fe93570f30a8d0ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 25
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 20834
x-accel-date: 1691152011
x-77-nzt: AcO1rw4YWfr/YlEAAA
x-accel-expires: @1717072011
last-modified: Fri, 04 Aug 2023 12:14:57 GMT
server: CDN77-Turbo
etag: W/"d7343e6394bc699bd009d6dec6a886e1"
x-77-nzt-ray: 90833930d2cd68bfed3fcd646b40482d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: Ixgn7d-zhGJ4stdqBoBmQ1r9gEU2PHDSyb_B-l5cNB5IMm9VduLKfA==

GET
H2 200 V9uvZ3e2WT1ykmGI.json Show response
cdn.userway.org/remediations/consolidated/743954/ 968 KB
180 KB 27ms
27ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/743954/V9uvZ3e2WT1ykmGI.json
Requested by: Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 230d7d9a5dc6769ebe324e1263a50c48959bd2784b3566ee5092dcf8654070bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 156142
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 125854
x-accel-date: 1691046991
x-77-nzt: AcO1rw5lZlT/nusBAA
x-accel-expires: @1722582991
last-modified: Wed, 05 Apr 2023 03:08:34 GMT
server: CDN77-Turbo
etag: W/"be3882978e75d4e4e6bfe2e11fc02829"
x-77-nzt-ray: 90833930b2cdf7d2ed3fcd644ce4452d
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: 7fzp2b_3UDV2_8UWqPmytMjvn9W2v3QKLcHTba91gtmaJAs1AC28eg==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 20ms
20ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 388
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 4353902
x-accel-date: 1686818943
x-77-nzt: AcO1rw7DK0j/bm9CAA
x-accel-expires: @1712738943
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 90833930d2cd68bfed3fcd6453274f2e
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: Cvg8rC0Zfq3MhycPcr4pi1hPDxVe2yJVWzglYVIpG5_uq4YIhu6w5w==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:05 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 388
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 4353902
x-accel-date: 1686818943
x-77-nzt: AcO1rw51rOz/bm9CAA
x-accel-expires: @1712738943
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 90833930d2cd68bfed3fcd648743542e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: NSZ4J0zJTOA1nCmC50K5IBx0519YpfZJgVOaBQ7wkt9LucHYSAaoEw==

POST
H2 202 5f90aeab892e740961596bba Show response
events.launchdarkly.com/events/bulk/ 0
344 B 179ms
177ms XHR
application/json 52.71.237.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f90aeab892e740961596bba

Requested by

Host: scontent01.fabfitfun.com
URL: https://scontent01.fabfitfun.com/gtb/cdn/c3f2bad82a6c58a4b6a999aac4fd5de8d95f7b9c-fe77f5476574ee8fbf27.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.71.237.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-237-94.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: b2ff1500-32f2-11ee-8d23-0deb65c7a327
X-LaunchDarkly-Event-Schema: 3
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.19.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json
Referer: https://fabfitfun.com/
X-LaunchDarkly-Wrapper: react-client-sdk/2.22.2

Response headers

date: Fri, 04 Aug 2023 18:14:06 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5f90aeab892e740961596bba
events.launchdarkly.com/events/bulk/ Frame 0
0 96ms
95ms Preflight 52.71.237.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f90aeab892e740961596bba

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.71.237.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-237-94.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://fabfitfun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 04 Aug 2023 18:14:06 GMT
strict-transport-security: max-age=31536000

GET
H2 200 nav_menu_helper1691151119488.js Show response
cdn.userway.org/widgetapp/2023-08-04/remediation/ 23 KB
7 KB 19ms
17ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-08-04/remediation/nav_menu_helper1691151119488.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-08-04/widget_app_base_1691151119488.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3da67eea62e1ab59869bb1cf2ec1fd94c914747b3cf346d5ee0947ac72e68c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 04 Aug 2023 18:14:06 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
age: 496
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 20928
x-accel-date: 1691151918
x-77-nzt: AcO1rw6J9eT/wFEAAA
x-accel-expires: @1717071918
last-modified: Fri, 04 Aug 2023 12:14:57 GMT
server: CDN77-Turbo
etag: W/"ad0c0151c4287b35a47b22e01bdb5a9e"
x-77-nzt-ray: 90833930d2cd68bfee3fcd6454d45d30
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: Djuf5Nt-_KEQWRtL9ZZ-tT74fICbs2qq2kjU3fC2Wdahj7EUbbl1cg==

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 10ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=409241942540187&ev=Microdata&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&rl=&if=false&ts=1691172846883&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22FabFitFun%20-%20Beauty%2C%20Fitness%2C%20Lifestyle%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1691172845311.952065462&it=1691172845192&coo=false&dpo=&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Aug 2023 18:14:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-98X0XSJ12P&gtm=45je3820&_p=1478000689&cid=1756373922.1691172843&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1691172842&sct=1&seg=0&dl=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&dt=&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98X0XSJ12P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fabfitfun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 18:14:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fabfitfun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID

Domain: rum.browser-intake-datadoghq.com
URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=f76b901f-06c7-4909-9589-f4d8c17c0655&batch_time=1691172844561

Domain: rum.browser-intake-datadoghq.com
URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=70841787-dbb2-4b1e-95d4-f2f5731137a1&batch_time=1691172844664

Domain: rum.browser-intake-datadoghq.com
URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Agtb&dd-api-key=pub6383f187afc62de28730102574f8ca45&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=f44c071b-69d3-46e0-97bb-67927390d2aa&batch_time=1691172844664

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fabfitfun.com/	1970-01-20 13:47:39	Name: iterableEmailCampaignId Value: 7378793
.fabfitfun.com/	1970-01-20 13:47:39	Name: iterableTemplateId Value: 9831965
.fabfitfun.com/	1970-01-20 13:47:39	Name: iterableMessageId Value: bce835803f62427eb6ba4b6a44801937
.fabfitfun.com/	1970-01-20 22:31:48	Name: iterableEndUserId Value: diana.torres%40acuity.com
links.fabfitfun.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 401b255d4e3792181832e445b004e76e892afc4d-1691172841887-8c153003b54b0394c5d29f80
.fabfitfun.com/	1970-01-20 15:55:48	Name: _gcl_au Value: 1.1.1488524696.1691172842
.fabfitfun.com/	1970-01-20 13:47:39	Name: _gid Value: GA1.2.672863370.1691172843
.fabfitfun.com/	1970-01-20 13:46:12	Name: _dc_gtm_UA-15829841-1 Value: 1
.fabfitfun.com/	1970-01-20 23:22:12	Name: _ga Value: GA1.1.1756373922.1691172843
.w55c.net/	1970-01-20 23:15:36	Name: wfivefivec Value: G7d2TrfK1QrZjk2
.fabfitfun.com/	1970-01-20 23:22:12	Name: _ga_98X0XSJ12P Value: GS1.1.1691172842.1.0.1691172842.0.0.0
.fabfitfun.com/	1970-01-20 23:22:12	Name: _ga_CDKQ0W76S0 Value: GS1.2.1691172842.1.0.1691172842.60.0.0
.doubleclick.net/	1970-01-20 23:07:48	Name: IDE Value: AHWqTUkhqiBzA5vvuo9QbhPedchwe6SaNp2JeZucJI5b2Ex9W2tl5eNoRMGJQ-10
fabfitfun.com/	1969-12-31 23:59:59	Name: amped-8rrned8-sessionId Value: "55069cf9-73c3-49ef-9fb1-4e265c127954"
.fabfitfun.com/	1970-01-20 22:31:48	Name: _pin_unauth Value: dWlkPU9EQmpNVFUyWlRRdFpUWXdOeTAwTUdNNUxUZ3dOalF0WVdWbVpqVmlPVFEzWTJRMA
.ct.pinterest.com/	1970-01-20 22:31:48	Name: _pinterest_ct_ua Value: "TWc9PSZqU3pDMENaUUZ1QXM3bENFSzFJbkJkNVRwZTlIbWlnbTc3ZGYrVXNJbnNWak9FZ0czcnR4QmV1K0lNTk5wNjY4cmlxeUVoSVZvOTl1TWlndGxhalpwVTVqUW9xNForUytpaUU5QUoyaytoYz0mYUdMRjFod1NUck5FSDNyaFdyRFU1cittQWZZPQ=="
.fabfitfun.com/	1970-01-20 22:31:48	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Aug+04+2023+18%3A14%3A02+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&consentId=f9e5ee3d-29de-4291-bd99-ba5226956fa4&interactionCount=0&landingPath=https%3A%2F%2Ffabfitfun.com%2Fget-the-box%2F%3Fplanselection%3Dtrue%26coupon_code%3Dthebest%26planCode%3Dfffvip%26utm_source%3Dcrm%26utm_medium%3Demail&groups=C0002%3A0%2CC0004%3A0%2CC0003%3A0%2CC0001%3A1
fabfitfun.com/	1970-01-20 23:22:12	Name: _tq_id.TV-45633636-1.b0b8 Value: c669018a83650cc6.1691172843.0.1691172843..
.amazon-adsystem.com/	1970-01-20 19:33:15	Name: ad-id Value: A1maMRbCJ0WEncDrFvPe1JM
.amazon-adsystem.com/	1970-01-20 23:22:12	Name: ad-privacy Value: 0
.fabfitfun.com/	1970-01-20 13:46:14	Name: sm_session_info Value: {%22sessionId%22:%2212bcd133-10ed-4f28-9bd0-d3a0eddb1af5%22%2C%22sessionCreationDate%22:%222023-08-04T18:14:03.969Z%22}
.fabfitfun.com/	1970-01-20 22:33:15	Name: _vwo_uuid_v2 Value: DABD89C333673B04977193A82FB5E9D6F\|a94dd335bb675d9c040a52e08fb6ef7a
.fabfitfun.com/	1970-01-20 16:10:12	Name: _vis_opt_s Value: 1%7C
.fabfitfun.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.fabfitfun.com/	1970-01-20 23:22:12	Name: _vwo_uuid Value: DABD89C333673B04977193A82FB5E9D6F
.fabfitfun.com/	1970-01-20 15:55:48	Name: _vwo_ds Value: 3%241691172844%3A84.7411843%3A%3A
.fabfitfun.com/	1970-01-20 13:46:14	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.fabfitfun.com/	1970-01-20 16:10:12	Name: _vis_opt_exp_125_combi Value: 1
.fabfitfun.com/	1970-01-20 16:10:12	Name: _vis_opt_exp_127_combi Value: 3
.bidswitch.net/	1970-01-20 22:31:48	Name: tuuid Value: f8ac9ab7-e42c-40a4-8144-4b03d7d4cc27
.bidswitch.net/	1970-01-20 22:31:48	Name: c Value: 1691172844
.bidswitch.net/	1970-01-20 22:31:48	Name: tuuid_lu Value: 1691172844
abtesting.fabfitfun.com/	1970-01-20 13:56:17	Name: AWSALB Value: 6rSqC9Xb9mCKQCpomYsaviK8sOEcUQHdMoRS3pMo8XT9OfMRS63QXqMJhBPxhG5vvLTXsTWZW55qoP8UYFJ4loRs8jvqRdcBGVFh8meb+0A2QEYwwdqKOEiwYk8N
abtesting.fabfitfun.com/	1970-01-20 13:56:17	Name: AWSALBCORS Value: 6rSqC9Xb9mCKQCpomYsaviK8sOEcUQHdMoRS3pMo8XT9OfMRS63QXqMJhBPxhG5vvLTXsTWZW55qoP8UYFJ4loRs8jvqRdcBGVFh8meb+0A2QEYwwdqKOEiwYk8N
.agkn.com/	1970-01-20 22:31:48	Name: ab Value: 0001%3AWpQbUjfU%2BpWezZrQLSbL2kDe4JtJ8Jsr
.360yield.com/	1970-01-20 15:55:48	Name: tuuid Value: 6723c115-aa48-417d-b1cd-b4ced265ec85
.360yield.com/	1970-01-20 15:55:48	Name: tuuid_lu Value: 1691172844
.yahoo.com/	1970-01-20 22:32:10	Name: A3 Value: d=AQABBOw_zWQCECjb_V288qjPCWOjrdw5_VAFEv__AP8AAAAAAOAKyiMAAAAAgA&S=AQAAAmCmUL08Daz9RpmeiACQXmE
.360yield.com/	1970-01-20 15:55:48	Name: um Value: !416,3trTqCG2ltvFU.erMOa99kbd,1698948844
.360yield.com/	1970-01-20 15:55:48	Name: umeh Value: !416,0,1753380844,-1
.bluekai.com/	1970-01-20 18:11:10	Name: bku Value: b/X99mydpVxsLAQJ
.bluekai.com/	1970-01-20 18:11:10	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.demdex.net/	1970-01-20 18:05:24	Name: demdex Value: 75645220879895921461528191126340109121
.tremorhub.com/	1970-01-20 22:32:09	Name: tvid Value: 2d7f7624b9204ac99744c617b35cdb5b
.tremorhub.com/	1970-01-20 23:22:12	Name: tv_UIAM Value: dda8c044b1fa46aa8c2e68b8c6b6a92b
.adform.net/	1970-01-20 14:30:51	Name: C Value: 1
.dpm.demdex.net/	1970-01-20 18:05:24	Name: dpm Value: 75645220879895921461528191126340109121
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1691172844_1
.serving-sys.com/	1970-01-20 14:29:24	Name: u2 Value: 5fbb22bf-633c-4f06-bdca-48b76836a3194NR060
.adform.net/	1970-01-20 15:12:36	Name: uid Value: 8134436932547714999
ads.samba.tv/	1970-01-20 23:17:53	Name: sambapxid Value: 119daa0c5fda39532
.casalemedia.com/	1970-01-20 22:31:48	Name: CMID Value: ZM0-7eNA0gZVFoasrf7.igAA
.casalemedia.com/	1970-01-20 15:55:48	Name: CMPS Value: 5176
.casalemedia.com/	1970-01-20 15:55:48	Name: CMPRO Value: 5176
.fabfitfun.com/	1970-01-20 22:31:48	Name: ajs_anonymous_id Value: 0c174157-7a0b-4a8b-bd66-e1e9cdfcdd15
.adnxs.com/	1970-01-20 15:55:48	Name: uuid2 Value: 5279836834366819884
.mediarithmics.com/	1970-01-20 22:31:48	Name: mics_vid Value: 46854836285
.mediarithmics.com/	1970-01-20 22:31:48	Name: mics_uaid Value: web:1:af81c07a-8908-459d-8343-5a86a1472de1
.mediarithmics.com/	1970-01-20 22:31:48	Name: mics_lts Value: 1691172845132
.semasio.net/	1970-01-20 22:31:48	Name: SEUNCY Value: 64DD25643D4F29C1
.ispot.tv/	1970-01-20 23:22:12	Name: pt Value: v2:19c3cd0ea7b1836f41737e4f5749670c26115956a475cb1ab23f2e3f0d2f10a9\|6d02bf33fca01297d89a8809c89bb58054f3e0df2084100a8bab44f015d464f4
.fabfitfun.com/	1969-12-31 23:59:59	Name: amplitude_idundefinedfabfitfun.com Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.fabfitfun.com/	1970-01-20 23:22:12	Name: amplitude_id_caa6506e713bcb4ae1f30df83e37adc3fabfitfun.com Value: eyJkZXZpY2VJZCI6ImJiOTBlMzBiLTI5ZDktNDQ5Zi1iZjdlLTdlYzUxMTY0MGJkM1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY5MTE3Mjg0NTIwNSwibGFzdEV2ZW50VGltZSI6MTY5MTE3Mjg0NTIwNywiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjJ9
.pubmatic.com/	1970-01-20 13:47:39	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 22:31:48	Name: KADUSERCOOKIE Value: CD5193FD-5FC9-46D0-A633-A21D3AE058CC
.fabfitfun.com/	1970-01-20 15:55:48	Name: _fbp Value: fb.1.1691172845311.952065462
.ninthdecimal.com/	1970-01-20 22:31:48	Name: ndat Value: LU+Ry2TNP+08JzRSkTuoAg==
fabfitfun.com/	1970-01-20 13:46:13	Name: _dd_s Value: rum=2&id=e4b58195-fead-4e45-b945-3c9c78299094&created=1691172844087&expire=1691173744095&logs=1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to load the script 'https://public.profitwell.com/js/profitwell.js?auth=e5b1589c47640df501a3f4a5eccb4bd1' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .fabfitfun.com .recurly.com .amazonaws.com .ada.support www.dwin1.com .google-analytics.com .doubleclick.net www.googleadservices.com www.googletagmanager.com .hcaptcha.com hcaptcha.com .exitintel.com .facebook.net .facebook.com .tiktok.com .cookielaw.org .segment.com .tvsquared.com .onetrust.com .adsrvr.org sc-static.net .zdassets.com .crrnt.app .pixlee.com .roeyecdn.com .amplitude.com .bing.com .googleapis.com .exitintel.com .jsdelivr.net .datadoghq-browser-agent.com .gladly.com .braintreegateway.com .paypal.com .cloudflare.com .hotjar.com .clarity.ms accessibilityserver.org .userway.org .tryamped.com .pinimg.com .ads-twitter.com .amped.io .visualwebsiteoptimizer.com *.amazon-adsystem.com blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
abtesting.fabfitfun.com
accessibilityserver.org
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
api.recurly.com
api.segment.io
api.userway.org
app.amped.io
app.launchdarkly.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn.amplitude.com
cdn.cookielaw.org
cdn.optimizely.com
cdn.segment.com
cdn.userway.org
clientstream.launchdarkly.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
collector-5366.tvsquared.com
connect.facebook.net
content.fabfitfun.com
cookie-matching.mediarithmics.com
ct.pinterest.com
customize-api.fabfitfun.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
events.launchdarkly.com
events.tryamped.com
fabfitfun.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
hcaptcha.com
ib.adnxs.com
image6.pubmatic.com
js.hcaptcha.com
js.recurly.com
lciapi.ninthdecimal.com
links.fabfitfun.com
lm.serving-sys.com
loadus.exelator.com
localization-api.fabfitfun.com
logx.optimizely.com
match.360yield.com
newassets.hcaptcha.com
odr.mookie1.com
pi.ispot.tv
public.profitwell.com
region1.analytics.google.com
region1.google-analytics.com
res.cloudinary.com
rum.browser-intake-datadoghq.com
s.amazon-adsystem.com
s.pinimg.com
s3.amazonaws.com
sb.scorecardresearch.com
scontent01.fabfitfun.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
tags.w55c.net
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.samplicio.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
rum.browser-intake-datadoghq.com
sync.search.spotxchange.com
t.myvisualiq.net
104.16.169.131
108.138.198.2
13.32.110.22
13.32.110.34
13.32.99.23
141.226.228.48
142.250.186.66
143.204.231.104
15.197.213.252
151.101.66.132
151.101.66.217
172.217.16.194
18.158.157.188
18.165.183.33
18.173.188.94
18.173.189.135
18.195.75.15
185.80.39.216
198.47.127.19
2.16.202.106
2001:4860:4802:34::36
212.82.100.182
23.206.208.183
2600:1f14:5db:eb11:8dc0:e41:8a28:dbed
2600:1f18:24e6:b900:d898:d22b:959b:4d36
2600:1f18:612b:4280:9572:897d:1714:1b9b
2600:9000:2304:6000:1a:c126:2b00:93a1
2600:9000:2490:2600:1c:3a7d:6c40:93a1
2606:4700::6812:1d26
2606:4700::6812:aa72
2606:4700::6813:a641
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c1b::9d
2a02:26f0:480:582::1931
2a02:26f0:480:5b0::13b8
2a02:6ea0:c700::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.120.19.63
3.143.48.135
3.220.32.191
3.226.22.114
3.64.163.89
3.71.161.69
3.75.62.37
34.160.236.64
34.194.240.189
34.223.74.168
34.252.43.226
34.254.143.3
34.96.102.137
34.98.107.242
35.158.34.195
35.244.159.8
37.157.6.254
37.252.171.149
45.79.145.203
52.216.210.112
52.3.93.213
52.46.155.104
52.71.237.94
54.158.159.241
54.217.88.245
54.227.212.212
54.36.150.184
69.173.144.165
72.246.169.24
77.243.51.122
99.86.90.76
03b30807a83cd160bbf21c057814912b950c6018e1bd60ad9a6212a1658b22b6
06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9
10a40506eca24c2ee0a0ee3353aae3a5442db43cfcf370ff1ca514fb05f8dc03
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
13f6411b6f25fa7c3bbaa10e365b6acdf8dea83d65215cf1fe93570f30a8d0ba
18acd8d95decdc00f837bf2d9b7a4c9d17e5d6fdc7fe07a8165b5d7bc5a0e9c0
18b22f24095cebf04cc720b33497fa7e4e6f17c20f5373c620e934ef3fc9217e
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
1b5c178beb056b9e623a1b67bce701ae7affc7328c017f2ab6842fa93404d5ca
1c1a268fd355da5205bb049f753b73a62793eda57394dab70e8d5982bd499692
1d8a00d17771d29140841bf23c7e21d86b08a4954a94f4af2f6b65ddf6656a8b
21327e5fce0fb9c980e24d540b4d39d13d96818152b0606824b197e32850d5b9
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
230d7d9a5dc6769ebe324e1263a50c48959bd2784b3566ee5092dcf8654070bb
25eb882b611b92a3d14efac8ccf6d090d4c0e2ed2a77aba20c5743b21c7d96bb
26af7b96b3f646da936c94809fe4019c0b326b5b68d3934ec3cfaedc7f03da40
2f0057da1a175e92b78369bb9f528803614710cc9287e0d68564b5b7ee82ee1b
30755ac2fe2350a3d518abff28db7ea52cba983183a03292671ab46cffeeda7a
30d5a0714b96a8452a673229f44f29937da6e2f8b7b229da85d6e0e8c2dd0600
320c349e996c332ecd165bfe2c49114a75bf4e33e933ba88839d3a6e93c569f4
32c4ee7b86ff809af829005d8c657c66417e5e10a82c2d62c52a1dbc3d129cac
33435bdf976b70f5b83f066b2884107a2b9d5f799c5fbab4c544b747e63043ad
336b9bf639c8ba0eca42da49d8d3d3b7885509abfc45ed8537996f7ba65fb3a1
33a9723f01b1a41b068eadd5594a8ebcbea84a40d3ebe2e8fff8def38bbd6bf5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39489d5c658ef5201fd0aee275159ac9f986acdffe2deb3eadeb3e05aa9db1d0
394bdc3537d615423a88454a3231027871a83c31cdddf6a7c5e1ddef0a3319b7
3ce4d1851a3e2a7210ef63046bdcbe3cf6885c35b441473b1acc8226c7d8ed9f
3d1b5a8511d6b24dabe2dfd840eb18811fda5f2fe4473f723dfd07f7710a9d16
3d36babc52b2ea335bd753753f4b5ede95ef9cdc2d0940b226ceb59e3f73533b
3da67eea62e1ab59869bb1cf2ec1fd94c914747b3cf346d5ee0947ac72e68c14
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3f27ce19e9a4d161e1dac159a428d23ce1108c1a62900f47fed4d09e69b23333
4222a15a2598b472eac5668820b704683f3a9a13ad72f14cd14d2b789aaac2b2
429b301da9e30a958af9815dbd66d25b071342cb5e8c4e998d38e45a22cbed75
42ff97a7d4f36d0e2c67a0de0a41ffba54d1890e85bd1b39b60b018ee50ac078
43fc92abb9815563690cd472d891ec96e3d3a7d3e6e173131ab836679bd3bbe5
46b6836cd9b12c11f60222861f0716d0a93d25e027746967965a026429d4f56f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4a2d5dd18965ad9c22fa314838fe702551bd543ce69d5cbfa73a44244d44f813
4a338f6962758843a42b0a3753bc4c64b3e9edf24c6c13d5c2079c7a37f8fda5
4a4b16bd4effe0c5c198218142c1744693a51701b0eb437cb7ce4a0faa90e6ea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
501ec107c9d539b71a6146cea55b1a897599f7b7ca3da791d534da740383ca97
558feae7cfc7d44fc58e8a86202e4531b59c7efc1406a2e10dae41122c3f40a3
56cd065913e65d2faba6615b1814bb618aa9d8e20ab415d487487bd0d28dc645
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbd01f40d2f00f41fdd519deaaa773cf381971ac62a3db6db5fc2ffa784b130
60048cb0f7b15f21735e36e96acc6a4f36c17827faacfd0606f52831357dac84
6008da0f4177893357298e2f9e64723bfe1688e9656325850cd4a1a16864614f
625857ad3e946174bc0e4b5d32e741ac1463d2376a21b71d874a6631482ab6b1
64083cdda378ca18bc5e6db063bb34e05f4dc9c227f1a9544178979e28d85bf5
644cf4035cd10ea86ef7eb30c06ff039dda60efb5ffe00022de69521d6ffa97b
6604083ae71cc792724fc7044fad943a093c8f92616af02eb1b336a1c2995f72
682b27e54462f82c7d74362de52e2aa29a0a0fa5edc381d664970eb94470fc5c
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
696e991097d05fe86a5460a2aeb1b2f5f96d87c9b4f60f042ea2c4b1c8ba1c57
70d5e2f3da8ebb1d896cc0d6891ab3a124ebce6cd7feb3519d24d11c68164b84
7530f35d2198d075554b483d4b8bd29890a7f5ec7a0be94acf2ad401f67c9146
756a5701e5c5930b0807e59cb097016fd9f08d60b4da988eba1ce877bc16062f
760a27df1905957a833c6e5014bcb285d2059ceb38535c6bff2e410ed5598557
766fb94807dc6902e084f4ba6796d53e2fe019b664550a7591cca84b19fe375e
784a48eb8bf25e32cc50465c15a92796f71e9eb2046de3d07dc5caf70d356fb5
799d81e407b92a5c1376de34460ef07843e3eb5242ad37dff2f492aecb06f2de
79d79df258bd4b35faa747126d580d0018b5c06b9b4f3f46869f8339698fdf8c
7bde075b603a6b33d3710c81e7226747d43c2f0bdbc16bcb00abd872d8e4b709
7d149ac4c38a581ee5e0fbb1ae48f092a22bbdd7a7bba4b3fc89d18b9962a29d
8177e6b6d34fc7ea9324821e4dbfe5666243cdf8fccfb4d5ea94197488b233e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84daa56e647b81934364aad5d750e9981bed70a3b69d4adb091378468c96d9cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
890f5d6859bb913dc2935ad99403a1fe79e9a26b83def87e97c1b413a34efbef
8feb263ba7d07f9eaaff7f2eac8130c4306e729e24b1e5a6176a7d20d866e986
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90aab0730881396779df204831a04ccc34ab402940edd93d34aafba82bfca852
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
95c56d732024ad62bfaf569826b82276bf78b88842446cbb1c8af6e27b273e63
96179687fd74e6a3f6f7187f01d183a4d00ee25f491a741a78c3766e453e0691
96b892f6c645029f6744c68ce373bcd3ed5465ce0c098308f42c1ebfd93b21bf
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
a0e7f5eecc58e17df85c5f0b8ca223d04516b526e4070f71c3f1532abbe2b58c
a18cff2d451ed9bf8cffa5d68ec1d3328708469aa98ff1a66c9b96d60978f511
a27592a6aa13e31e6d4979f39610b643bd329c07aed42f6a180d8f1f05b5d807
a343a0cd13c7127e1990d4bef9b360f36092dbf89beb490bfbdd1014c7f13f5e
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a53f8e5bc0703f96518431118dcd71e19185da78beb3fb4ad76c68216b3e616a
a54a66682fcc0bc80c067b1e6ca5ae6f2e13e134ce08757a606223425ddabe6b
a6e252d26d78e1c30e2bc88533df0df63d44633918a3d81588f4464f89cdc304
ab6456ef0246f3d40fdb403bd81fed03ba17c7541266b465f06cc32f86649a73
af337291fc200952113c637155f4823ccc170d4f25805b5d4c428f6c96898e00
af784e605379b4910f8d9aa6b04db32fe15085535d21106abb29b6d7e5ee3641
b02d98c270382089ce2e01e97d87bc98b78c8faf50bc711ab968a803d755fbc2
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b1eaf0a5c29e6118812c0280abcbcaf007d75c4dc52d2a962979ff2727b1d8a8
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b836876c6014c346a749c23f680845562679daf29c640c99a3d92797a6244b4d
b8c01b515cb6ffd2461538fc77cd87cfdf4de674385f665462d82be1c3cb5ca1
bd7370d649a9bce4f88882668a9fbb4c69c034233dfd27ce6d910918043da3d2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29aeb627920951e58e9620c120ee606bef9fc80ada4ef9f88fdd3ef942bcaff
c3c32a8c6f75d7f2dc3c8bcbfcdf8dc6bebd5a5114e8ccf29cf22ed7036f0bfc
c449662e4731bf25b29560bb3d326aab27def2313e9de35f49c630828b268787
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5710dbc4f5f6f127338e9d4d6146c05e0d10ab9f5e668e943f56a7164d0a7b2
c5722b817ef1be922cf4b0f2cf283236efdb174ce31c3e8a741069350d74cc40
c5f76f6b31c4863c12f6a316251c95daea7071e1dd2f16e32b703b022abe886b
cafaa624170b96f1fc947a59c1b51c7a2b00c2f1df6b9268ebe255e9dafa51ea
cd32977f6b412ada0ed072a72040d44a0b734378aead5896e1faa300df0f1406
cdeff8f4b85d1358a45ecd2f233d99f493bc36db0108098e406057c3a852f714
ceaeb4a3d3c3a91bf23669b7d72284a1167f9850c7673a004dec6d0247133abd
d4f96c128bce5e606e056a4ef23a17cad7a9bb0775713a62587f9f038501ce15
d8ca344f4e5189c44e55b344ef86d6a253aaec1fa72ca202809ef53aea996877
d9d1c850dcb364718e71287366a527bc8fc212e9cb47efbf195ddc4375acafda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e16853aed2895cb808fee0d4fc80d7a892e5a5af7a2e93a67cda475786888a6a
e1ba1b53707d01f5489e83bff84a6c85b85fa225a5a60fb109f628a3ec481ab5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46e8e829dd4d1418d170ea0b3bec62aff57201836eab73b1745f91865d96bfa
e6c0782fdf85dfd89752bf3c6ebbb75cf63f7a3c891b5f359757eaf9c1632719
e91b80678c5813dbb5f3fd19c6999b64d7e9b1b85edaff78c0071af1943a798d
e9e1e78ef7f34a6a9161f7609e9c63e510444741bccbb49f32ba464431e32fd2
ea8acd4e05d2a61585d21cf2c5232ce7d8fc30a8de31008333bdcb7c74f053b0
eac6cf439c2bd6b45fd080e597d4601e5d9358f0ee07f47497b30ce9e808bb5b
edc17f2c0fe73518de4768de0a777caee2dddb3b4262568501534ba035bab235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f2a83c9ceeb7396a0d125004704f18f5f479933dca64a825d9b26a4ee53edac2
f2d7b8bf5b83ef5a6bac5bb565ca8a6b6144c0f5362605c294cf5e50c876db39
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fa83356fe1ba875d10b4252efdcd055132d69f9c160a5ebef2be01438545c93d
fdd91eab13856db2e77f3cb437babdf06cc400246aa555b0faad2f4e2f33e5e0
ff07030df73a8cb5c7fd2929f4a15784fc68c0e00f52df19d38041b65719aaf9

fabfitfun.com Open in urlscan Pro 54.158.159.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

85 %HTTPS

29 %IPv6

62 Domains

82 Subdomains

51 IPs

9 Countries

3281 kBTransfer

11411 kBSize

68 Cookies

20 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

fabfitfun.com Open in urlscan Pro
54.158.159.241 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

85 %
HTTPS

29 %
IPv6

62
Domains

82
Subdomains

51
IPs

9
Countries

3281 kB
Transfer

11411 kB
Size

68
Cookies

209 HTTP transactions
9 data transactions