Submitted URL: https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Effective URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
Submission: On February 17 via api from US

Summary

This website contacted 21 IPs in 6 countries across 19 domains to perform 68 HTTP transactions. The main IP is 52.70.133.108, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is offer.fevo.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 5th 2020. Valid for: 3 months.
This is the only time offer.fevo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 199.30.234.131 13380 (ASN-CUST)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 1 67.199.248.12 396982 (GOOGLE-PR...)
15 52.70.133.108 14618 (AMAZON-AES)
6 52.216.109.45 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.112.176 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.90.245 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
12 54.210.82.228 14618 (AMAZON-AES)
2 151.101.114.2 54113 (FASTLY)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 35.201.81.77 15169 (GOOGLE)
3 3.211.150.70 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 151.101.66.87 54113 (FASTLY)
2 54.209.204.79 14618 (AMAZON-AES)
2 18.210.21.215 14618 (AMAZON-AES)
68 21
Domain Requested by
15 offer.fevo.com code.jquery.com
offer.fevo.com
12 gtw-customer.offer.fevo.com offer.fevo.com
cdnjs.cloudflare.com
6 s3.amazonaws.com offer.fevo.com
4 api.rollbar.com cdnjs.cloudflare.com
offer.fevo.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
offer.fevo.com
4 link.zixcentral.com 1 redirects link.zixcentral.com
3 heapanalytics.com offer.fevo.com
3 js.stripe.com offer.fevo.com
js.stripe.com
2 event-collection.fevo.com cdnjs.cloudflare.com
2 events.launchdarkly.com cdnjs.cloudflare.com
2 app.launchdarkly.com offer.fevo.com
2 connect.facebook.net offer.fevo.com
connect.facebook.net
2 maxcdn.bootstrapcdn.com link.zixcentral.com
1 s1.ticketm.net offer.fevo.com
1 www.facebook.com offer.fevo.com
1 stats.g.doubleclick.net offer.fevo.com
1 s.ytimg.com www.youtube.com
1 cdn.heapanalytics.com offer.fevo.com
1 cdnjs.cloudflare.com offer.fevo.com
1 www.youtube.com offer.fevo.com
1 www.googletagmanager.com offer.fevo.com
1 fevo.me 1 redirects
1 code.jquery.com link.zixcentral.com
68 23

This site contains no links.

Subject | Issuer | Validity | Valid for
*.zixcentral.com | AffirmTrust Certificate Authority - OV1 | 2019-03-28 - 2021-03-28 | 2 years
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
offer.fevo.com | Let's Encrypt Authority X3 | 2020-01-05 - 2020-04-04 | 3 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2020-12-02 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
*.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2020-02-12 - 2020-06-03 | 4 months
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months
cdn.heapanalytics.com | Amazon | 2019-10-22 - 2020-11-22 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-01-16 - 2020-04-15 | 3 months
gtw-customer.offer.fevo.com | Let's Encrypt Authority X3 | 2020-01-05 - 2020-04-04 | 3 months
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-02-14 - 2020-07-25 | 5 months
api.rollbar.com | DigiCert SHA2 Secure Server CA | 2017-04-19 - 2020-07-15 | 3 years
heapanalytics.com | Amazon | 2020-01-21 - 2021-02-21 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months
ticketmaster6.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-02-13 - 2021-01-14 | a year
*.launchdarkly.com | Gandi Pro SSL CA 2 | 2018-09-12 - 2020-10-30 | 2 years
*.fevo.com | Amazon | 2019-11-29 - 2020-12-29 | a year

This page contains 5 frames:

Primary Page: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
Frame ID: 4CB399491F060865E5A4AC17C406EDDA
Requests: 11 HTTP requests in this frame

Frame: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Frame ID: D3F9268394E2A2F55467FF3CAC6CE4B6
Requests: 52 HTTP requests in this frame

Frame: https://offer.fevo.com/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
Frame ID: 0ED1DD9EB6C0B5EC3403B80D60167F92
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Foffer.fevo.com&stripe_xdm_c=default452334&stripe_xdm_p=1
Frame ID: C26D0603E96EA621670BED059F8BA793
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: E0EBCAE1F36878C5D9FC05171E872972
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

68 Requests
100 % HTTPS
41 % IPv6
19 Domains
23 Subdomains
21 IPs
6 Countries
1756 kB Transfer
5480 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards Page URL
  2. https://link.zixcentral.com/filter HTTP 302
    https://fevo.me/nursesnight2020-wizards HTTP 302
    https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1403813721&t=pageview&_s=1&dl=https%3A%2F%2Foffer.fevo.com%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&ul=en-us&de=UTF-8&dt=Nurses%20Night&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=600170583&gjid=2053815827&cid=541567214.1581938569&tid=UA-72774165-5&_gid=1597929422.1581938569&_r=1&gtm=2ou250&z=690392238 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72774165-5&cid=541567214.1581938569&jid=600170583&_gid=1597929422.1581938569&gjid=2053815827&_v=j81&z=690392238

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set -OfhlLBO6hGrD5MHKHgf9A
link.zixcentral.com/u/65643257/
2 KB
3 KB
Document
General
Full URL
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.30.234.131 , United States, ASN13380 (ASN-CUST, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e8538e28aa4463c4f971d70fb9908f385a134ae1393c370b7b153d63596479d3

Request headers

Host
link.zixcentral.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.12.2
Date
Mon, 17 Feb 2020 11:22:45 GMT
Content-Type
text/html; charset=utf-8
Content-Length
2429
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
BIGipServer~ETP~link=!75ocfNQqnncdbBY6BbBGkx3HYpi91HlTN9AU59K90r4kllaOfa5I/T2RFTfxXHVe2OCWNE0g0A2iI/Y=; path=/; Httponly; Secure
app.css
link.zixcentral.com/css/
819 B
1 KB
Stylesheet
General
Full URL
https://link.zixcentral.com/css/app.css?v=1
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.30.234.131 , United States, ASN13380 (ASN-CUST, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8c52987fbc48500c2a81bd52f81d44324e31e7ecadbebd111a02f912be232cfd

Request headers

Referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 17 Feb 2020 11:22:45 GMT
Last-Modified
Wed, 18 Dec 2019 17:30:48 GMT
Server
nginx/1.12.2
ETag
"5dfa6248-333"
Content-Type
text/css
Cache-Control
max-age
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
819
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Origin
https://link.zixcentral.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 11:22:45 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Origin
https://link.zixcentral.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 11:22:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-15283"
Vary
Accept-Encoding
X-HW
1581938565.dop150.fr8.shc,1581938565.dop150.fr8.t,1581938565.cds133.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30125
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Origin
https://link.zixcentral.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 11:22:45 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
logo.png
link.zixcentral.com/
3 KB
3 KB
Image
General
Full URL
https://link.zixcentral.com/logo.png
Requested by
Host: link.zixcentral.com
URL: https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.30.234.131 , United States, ASN13380 (ASN-CUST, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0168c4dfc58a529baa6f03a90b9f42c7324ddece9bc9c58cd5e75c37e9568ce3

Request headers

Referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 11:22:45 GMT
Cache-Control
no-cache
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
2916
Content-Type
image/png
Primary Request wizards-vs-bucks-hki4teb-048d3a9
offer.fevo.com/
Redirect Chain
  • https://link.zixcentral.com/filter
  • https://fevo.me/nursesnight2020-wizards
  • https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
2 KB
1 KB
Document
General
Full URL
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
8cd310f41e12176aa14f027f3637ebbd24ab34522dc9d091d48ccfb049496a58
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
offer.fevo.com
:scheme
https
:path
/wizards-vs-bucks-hki4teb-048d3a9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
https://link.zixcentral.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://link.zixcentral.com/u/65643257/-OfhlLBO6hGrD5MHKHgf9A?u=https%3A%2F%2Ffevo.me%2Fnursesnight2020-wizards

Response headers

status
200
server
openresty/1.15.8.2
date
Mon, 17 Feb 2020 11:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"7d2-7DlN/KQJm5/xjhPZ7tcVhsc39vU"
content-encoding
gzip

Redirect headers

status
302
cache-control
private, max-age=90
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Mon, 17 Feb 2020 11:22:46 GMT
location
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
referrer-policy
unsafe-url
server
nginx
set-cookie
_bit=k1hbmK-e20f2fdac1ae14d7e2-00l; Domain=fevo.me; Expires=Sat, 15 Aug 2020 11:22:46 GMT
content-length
142
typefaces.css
offer.fevo.com/
4 KB
782 B
Stylesheet
General
Full URL
https://offer.fevo.com/typefaces.css
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
bfd3c968e90f5b8797eaa53b8c16d3d1973397e26b74d1c0d4d9f0f6627f1860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 11:22:47 GMT
content-encoding
gzip
etag
W/"11fa-170403f1950"
last-modified
Thu, 13 Feb 2020 20:30:42 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
fevo.js
offer.fevo.com/js/
109 KB
34 KB
Script
General
Full URL
https://offer.fevo.com/js/fevo.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
38d852bee53950fbe4415bd1a1cd988381e58ba3a92eb1c611233e5b67a4a7bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:47 GMT
content-encoding
gzip
etag
W/"1b369-17040448020"
last-modified
Thu, 13 Feb 2020 20:36:36 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
fevo.css
offer.fevo.com/
1 KB
704 B
Stylesheet
General
Full URL
https://offer.fevo.com/fevo.css
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/fevo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
deed8036f882095f96e8342f1c870c66a36c91a27b33b4729b860978d3402220
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 11:22:47 GMT
content-encoding
gzip
etag
W/"429-170403f1950"
last-modified
Thu, 13 Feb 2020 20:30:42 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
iframe-bundle
offer.fevo.com/api/ Frame D3F9
1 KB
853 B
Document
General
Full URL
https://offer.fevo.com/api/iframe-bundle
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/fevo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
a752f93281eb67206d84953a4dad66ca7198e76f18c941afaaac60128d7f06e9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
offer.fevo.com
:scheme
https
:path
/api/iframe-bundle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty/1.15.8.2
date
Mon, 17 Feb 2020 11:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"5be-nWbJN4ty0vcrUp3XNuWx96hcxV4"
content-encoding
gzip
56A835AA4A91F7F81AC61EE9B6F0719C
s3.amazonaws.com/fevo/www/media/
94 KB
95 KB
Image
General
Full URL
https://s3.amazonaws.com/fevo/www/media/56A835AA4A91F7F81AC61EE9B6F0719C
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
870b877dbab3030087400d38ef8687014b466913ed933d8e9324a92c1cbc29fa

Request headers

Referer
https://offer.fevo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 11:22:49 GMT
Last-Modified
Sat, 14 Sep 2019 15:13:22 GMT
Server
AmazonS3
x-amz-request-id
3F709DE1A3207125
ETag
"56a835aa4a91f7f81ac61ee9b6f0719c"
Content-Type
image/jpeg
Content-Length
96629
Accept-Ranges
bytes
x-amz-version-id
WL_qOAg6AY_26Gjlx1475rZgtU1G32s2
x-amz-id-2
kNPwmApZ37Qe3qQLhfXaoS9Q2NvwZYG5m2Ll31pZYFiHw/4EmZ6kaawH9MP34zXoZgTaCL7zkLs=
typefaces.css
offer.fevo.com/ Frame D3F9
4 KB
771 B
Stylesheet
General
Full URL
https://offer.fevo.com/typefaces.css
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe-bundle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
bfd3c968e90f5b8797eaa53b8c16d3d1973397e26b74d1c0d4d9f0f6627f1860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe-bundle
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 11:22:47 GMT
content-encoding
gzip
etag
W/"11fa-170403f1950"
last-modified
Thu, 13 Feb 2020 20:30:42 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
vendor.200f0652.js
offer.fevo.com/js/ Frame D3F9
1 MB
397 KB
Script
General
Full URL
https://offer.fevo.com/js/vendor.200f0652.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe-bundle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
7f49d6a0d180bad14ddb9dd42605b9bcf23c791a563f956328dd52c273d0ca5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe-bundle
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:47 GMT
content-encoding
gzip
etag
W/"154ab3-17040448020"
last-modified
Thu, 13 Feb 2020 20:36:36 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
main.b468a198.js
offer.fevo.com/js/ Frame D3F9
634 KB
137 KB
Script
General
Full URL
https://offer.fevo.com/js/main.b468a198.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe-bundle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
22256e34c8bb10b83729b311f8044a7c6933fd366f95d7921a7591003e4af498
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe-bundle
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:47 GMT
content-encoding
gzip
etag
W/"9e6f7-17040448020"
last-modified
Thu, 13 Feb 2020 20:36:36 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
wizards-vs-bucks-hki4teb-048d3a9
offer.fevo.com/api/iframe/ Frame D3F9
11 KB
5 KB
Document
General
Full URL
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/fevo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
25bbb3503cc0bcd483e776298a706ee4eba80160ac0d95370d9a5fafa6d6f608
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
offer.fevo.com
:scheme
https
:path
/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty/1.15.8.2
date
Mon, 17 Feb 2020 11:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"2d39-r8ceuFclLDCp4/sG0RfLyuGMEVc"
content-encoding
gzip
typefaces.css
offer.fevo.com/ Frame D3F9
4 KB
771 B
Stylesheet
General
Full URL
https://offer.fevo.com/typefaces.css
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
bfd3c968e90f5b8797eaa53b8c16d3d1973397e26b74d1c0d4d9f0f6627f1860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
gzip
etag
W/"11fa-170403f1950"
last-modified
Thu, 13 Feb 2020 20:30:42 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
js
www.googletagmanager.com/gtag/ Frame D3F9
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-72774165-5
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e579f7f75e019ec356c988934855f215c4d30d79a5daff81f2d749f73745101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28496
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Feb 2020 11:22:48 GMT
iframe_api
www.youtube.com/ Frame D3F9
859 B
923 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
2c0884853dc57e0e429d1bec631837b0f356b5806e913f00dd2828b3f88b3b6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
/
js.stripe.com/v2/ Frame D3F9
63 KB
21 KB
Script
General
Full URL
https://js.stripe.com/v2/
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c022247ac30c6eb77b20896361223eb803a87142f527fa5d44fa7c6f210c568a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
227
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
20958
x-amz-id-2
3UZfcx/Yeei0vTgmWhaSKmlMi9itOlWoHY8wmmFIvB9GiE/zdql+NOhZgUGP9qfAy2Rlywzo50I=
x-served-by
cache-hhn4054-HHN
last-modified
Tue, 28 Jan 2020 17:27:37 GMT
server
AmazonS3
x-timer
S1581938569.512419,VS0,VE0
etag
"15fda0e26fec252d4d6a8e297ca90756"
vary
Accept-Encoding
x-amz-request-id
F3FC099357B19C61
via
1.1 varnish
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
55
vendor.200f0652.js
offer.fevo.com/js/ Frame D3F9
1 MB
397 KB
Script
General
Full URL
https://offer.fevo.com/js/vendor.200f0652.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
7f49d6a0d180bad14ddb9dd42605b9bcf23c791a563f956328dd52c273d0ca5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
gzip
etag
W/"154ab3-17040448020"
last-modified
Thu, 13 Feb 2020 20:36:36 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
main.b468a198.js
offer.fevo.com/js/ Frame D3F9
634 KB
137 KB
Script
General
Full URL
https://offer.fevo.com/js/main.b468a198.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
22256e34c8bb10b83729b311f8044a7c6933fd366f95d7921a7591003e4af498
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
gzip
etag
W/"9e6f7-17040448020"
last-modified
Thu, 13 Feb 2020 20:36:36 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/ Frame D3F9
61 KB
18 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f09cdb1afc52188793ccef9e5e2f4d639b5005d6c8fc95ebed8c8c1abc5289
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Origin
https://offer.fevo.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
br
cf-cache-status
HIT
age
9432791
cf-ray
566762b66a00176e-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 23 Jan 2019 02:30:51 GMT
server
cloudflare
etag
W/"5c47d1db-f5fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 06 Feb 2021 11:22:48 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
heap-3724017063.js
cdn.heapanalytics.com/js/ Frame D3F9
74 KB
31 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-3724017063.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.245 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-245.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
81febd83a742dd16028e362dbba5ba7a1814bf66465aeb376c787478c8f53a4e

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:48 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"12820-QL9sKrXbaD9BCebc815R/A"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=120
x-amz-cf-id
P61glwwf3rfQo3ajPs4ycWLwP1033buhpCGCbWjQkcXzAp8pc3oWRg==
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
sdk.js
connect.facebook.net/en_US/ Frame D3F9
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45be46c0ff615f13d4612f9b148208652a2a2da44d235dd3297ca3cc4f025ae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jowJ9fT0Y5vhqj3vrgsZtA==
status
200
date
Mon, 17 Feb 2020 11:22:48 GMT, Mon, 17 Feb 2020 11:22:48 GMT
expires
Mon, 17 Feb 2020 11:40:04 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1779
x-fb-debug
sDqrPgACXYfoPTg06oN9IP/z1YTK9AeIS74jtlfUfFv5fD21c8ptw1vUEg6FWThRwUHdrpWnXuXjxm7nF/rBag==
x-fb-trip-id
1850256238
x-fb-content-md5
d4db9730c870ea5e62f1e65fb1d66bf0
etag
"e6f87fa9869b8912d8a7d3ebcb30790f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflYl14TA/ Frame D3F9
27 KB
10 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflYl14TA/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60111948f7ff6c6621b9183616896e465889d75bad2c797ad267aa2feedc3efa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 16 Feb 2020 13:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80548
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10243
x-xss-protection
0
last-modified
Sat, 15 Feb 2020 00:53:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Mon, 24 Feb 2020 13:00:20 GMT
wizards-vs-bucks-hki4teb-048d3a9
offer.fevo.com/thirdPartyPixels/ Frame 0ED1
2 KB
1 KB
Document
General
Full URL
https://offer.fevo.com/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
b89e44e720cf4718942388c8698b20894230f5761c8034a244dc7b23d67f9683
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
offer.fevo.com
:scheme
https
:path
/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty/1.15.8.2
date
Mon, 17 Feb 2020 11:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"7ac-vikAjAZXcdUVSau/zyX47EfAc6Y"
content-encoding
gzip
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
0
361 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/main.b468a198.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
server
openresty/1.15.8.2
x-request-time-ms
1614588672
status
204
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://offer.fevo.com
access-control-max-age
3600
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
access-control-expose-headers
X-Session
5d895f4f176f3507a3cbcc00
app.launchdarkly.com/sdk/goals/ Frame D3F9
0
482 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5d895f4f176f3507a3cbcc00
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/vendor.200f0652.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
x-launchdarkly-user-agent

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 varnish
age
0
x-cache
MISS
status
200
access-control-max-age
300
content-length
0
x-served-by
cache-hhn4056-HHN
allow
OPTIONS, HEAD, GET
x-timer
S1581938569.001222,VS0,VE94
vary
Accept-Encoding, Origin
access-control-allow-methods
OPTIONS, HEAD, GET
access-control-allow-origin
https://offer.fevo.com
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
0
360 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/main.b468a198.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
server
openresty/1.15.8.2
x-request-time-ms
-661411328
status
204
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://offer.fevo.com
access-control-max-age
3600
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
access-control-expose-headers
X-Session
channel.html
js.stripe.com/v2/ Frame C26D
0
0
Document
General
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Foffer.fevo.com&stripe_xdm_c=default452334&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Foffer.fevo.com&stripe_xdm_c=default452334&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
x-amz-id-2
gsyiHeoCxym+q84/aWyM0b1h7eoCEBvlebXzsDVfj89KreTIU7AtU8IIXeZMX436jX8iqQhf2ho=
x-amz-request-id
83757E91F21FB1CE
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 17 Feb 2020 11:22:48 GMT
via
1.1 varnish
age
52
x-served-by
cache-hhn4054-HHN
x-cache
HIT
x-cache-hits
14
x-timer
S1581938569.978891,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
560
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
0
362 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/main.b468a198.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
server
openresty/1.15.8.2
x-request-time-ms
1398588672
status
204
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://offer.fevo.com
access-control-max-age
3600
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
access-control-expose-headers
X-Session
hinted-MarkOT-Medium.woff2
s3.amazonaws.com/fevo/assets/fontface/mark-ot/ Frame D3F9
44 KB
45 KB
Font
General
Full URL
https://s3.amazonaws.com/fevo/assets/fontface/mark-ot/hinted-MarkOT-Medium.woff2
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/vendor.200f0652.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
785cf747482af7d9cd490ce653a784d9de6d71fbccb46d2ac4307d23acd77764

Request headers

Referer
https://offer.fevo.com/typefaces.css
Origin
https://offer.fevo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 11:22:50 GMT
Last-Modified
Tue, 02 Feb 2016 21:51:09 GMT
Server
AmazonS3
x-amz-request-id
4DA9393DDAF76ED7
ETag
"859ddf003dc72623cf45dbb0c209691c"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, POST
x-amz-version-id
null
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/octet-stream
Content-Length
45072
x-amz-id-2
gTHyM9cm3tOsBZyUip+uyxmIKkadtLvUdAkX0/rfM8XzPzfEdhkxt4TnepQrX4fkN49zwwA0CVo=
analytics.js
www.google-analytics.com/ Frame D3F9
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-72774165-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2957
date
Mon, 17 Feb 2020 10:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 12:33:32 GMT
sdk.js
connect.facebook.net/en_US/ Frame D3F9
194 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=17687d70f6b8b0210d4c708f6470e3ed&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cac3d6dff0e7c23652820793e795117dbd288d327315657a9126891531638ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
KoxTC8TG0WUpyE8CFSFZbw==
status
200
date
Mon, 17 Feb 2020 11:22:49 GMT, Mon, 17 Feb 2020 11:22:49 GMT
expires
Tue, 16 Feb 2021 10:48:40 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
59544
x-fb-debug
2rqDq/eBKiKvgZFHEISfs1BKhemN1Q7x9KkcqHPpNdygtWC7xlXxDCfmoaM+D1V8lG3/iLCIsQysYm73cKbnaQ==
x-fb-trip-id
2047048586
x-fb-content-md5
f9ee31775119ee877f117d19f059a4fc
etag
"14e7d6e8f2d5f1afdad0436d148c01ab"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
api.rollbar.com/api/1/item/ Frame D3F9
0
260 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.81.77 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-rollbar-access-token

Response headers

x-response-time
0ms
date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
server
nginx
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-rollbar-access-token
typefaces.css
offer.fevo.com/ Frame 0ED1
4 KB
782 B
Stylesheet
General
Full URL
https://offer.fevo.com/typefaces.css
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
bfd3c968e90f5b8797eaa53b8c16d3d1973397e26b74d1c0d4d9f0f6627f1860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
content-encoding
gzip
etag
W/"11fa-170403f1950"
last-modified
Thu, 13 Feb 2020 20:30:42 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
pixels.68dac52a.js
offer.fevo.com/js/ Frame 0ED1
230 KB
63 KB
Script
General
Full URL
https://offer.fevo.com/js/pixels.68dac52a.js
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.70.133.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-133-108.compute-1.amazonaws.com
Software
openresty/1.15.8.2 / Express
Resource Hash
2ab279ba0a6187e430a69895e0f65e561816d215502c2720ed2d1e7528077849
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://offer.fevo.com/thirdPartyPixels/wizards-vs-bucks-hki4teb-048d3a9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
content-encoding
gzip
etag
W/"397f4-17040448020"
last-modified
Thu, 13 Feb 2020 20:36:36 GMT
server
openresty/1.15.8.2
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
must-revalidate, max-age=60s
strict-transport-security
max-age=15724800; includeSubDomains
h
heapanalytics.com/ Frame D3F9
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/h?a=3724017063&u=4648171270351818&v=1319986678475693&s=5484408073499345&b=web&tv=4.0&z=0&h=%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&d=offer.fevo.com&t=Nurses%20Night&r=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&ts=1581938569050&st=1581938569051&ei=68&et=variation
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.150.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-150-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:22:49 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
h
heapanalytics.com/ Frame D3F9
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/h?a=3724017063&u=4648171270351818&v=1319986678475693&s=5484408073499345&b=web&tv=4.0&sp=z&sp=0&sp=r&sp=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&sp=ts&sp=1581938569050&sp=d&sp=offer.fevo.com&sp=h&sp=%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&sp=t&sp=Nurses%20Night&pp=d&pp=offer.fevo.com&pp=h&pp=%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&pp=t&pp=Nurses%20Night&pp=ts&pp=1581938569050&id0=6339887677071785&k0=offerPageUri&k0=wizards-vs-bucks-hki4teb-048d3a9&k0=rootOfferUri&k0=wizards-vs-bucks-hki4teb-048d3a9&k0=hostUrl&k0=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&k0=isFevoHosted&k0=true&k0=clientUrl&k0=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&k0=hostDomain&k0=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&t0=offer-page-loaded&st=1581938569051&ei=68&et=variation
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.150.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-150-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:22:49 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
collect
stats.g.doubleclick.net/r/ Frame D3F9
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1403813721&t=pageview&_s=1&dl=https%3A%2F%2Foffer.fevo.com%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&ul=en-us&de=UTF-8&dt=Nurses%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72774165-5&cid=541567214.1581938569&jid=600170583&_gid=1597929422.1581938569&gjid=2053815827&_v=j81&z=690392238
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72774165-5&cid=541567214.1581938569&jid=600170583&_gid=1597929422.1581938569&gjid=2053815827&_v=j81&z=690392238
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 17 Feb 2020 11:22:49 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:22:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72774165-5&cid=541567214.1581938569&jid=600170583&_gid=1597929422.1581938569&gjid=2053815827&_v=j81&z=690392238
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame D3F9
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1403813721&t=event&_s=2&dl=https%3A%2F%2Foffer.fevo.com%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&ul=en-us&de=UTF-8&dt=Nurses%20Night&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=offer-page-loaded&_u=IEBAAUAB~&jid=&gjid=&cid=541567214.1581938569&tid=UA-72774165-5&_gid=1597929422.1581938569&gtm=2ou250&z=2041756677
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 01 Feb 2020 03:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1410263
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame D3F9
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=442862642887310&ev=fb_page_view&dl=https%3A%2F%2Foffer.fevo.com%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&rl=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&if=true&ts=1581938569072&sw=1600&sh=1200
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT, Mon, 17 Feb 2020 11:22:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 11:22:49 GMT
5d895f4f176f3507a3cbcc00
app.launchdarkly.com/sdk/goals/ Frame D3F9
2 B
185 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5d895f4f176f3507a3cbcc00
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
X-LaunchDarkly-User-Agent
JSClient/3.1.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
status
200
access-control-max-age
300
content-length
26
x-served-by
cache-hhn4056-HHN
access-control-allow-origin
https://offer.fevo.com
x-timer
S1581938569.116214,VS0,VE0
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
1
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
18 KB
4 KB
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
7da239e429f58cbf7f8c0b4f0bfc515aa22a086f74c16fe9d56b305b2690cb99
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
status
200
strict-transport-security
max-age=15724800; includeSubDomains
server
openresty/1.15.8.2
x-request-time-ms
1781238976
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
x-schema-version
0.0.0
access-control-allow-origin
https://offer.fevo.com
access-control-expose-headers
X-Session
access-control-allow-credentials
true
x-session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
content-type
application/json
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
132 B
1006 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
97e1821b726aed04126bb6b632cf9652c2f64ac9d5ad1d24ae55eef494dac1d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
vary
Origin
status
200
strict-transport-security
max-age=15724800; includeSubDomains
content-length
132
server
openresty/1.15.8.2
x-request-time-ms
1565493952
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
x-schema-version
0.0.0
access-control-allow-origin
https://offer.fevo.com
access-control-expose-headers
X-Session
access-control-allow-credentials
true
x-session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6IjU0MjBmNmMzLTY0N2MtNDRmNS1iZjAyLTAwYjdkMGY2YTc0MCJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.rXCz0aNfzXSrv96WYQo1NKdKQxwa0AAAU7djPFIiZas
content-type
application/json
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
113 B
988 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
5460fb44f9f4e80aae7928a29bdb5a4e764fba555d5399335ca0d040f6269bd3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
vary
Origin
status
200
strict-transport-security
max-age=15724800; includeSubDomains
content-length
113
server
openresty/1.15.8.2
x-request-time-ms
-86197888
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
x-schema-version
0.0.0
access-control-allow-origin
https://offer.fevo.com
access-control-expose-headers
X-Session
access-control-allow-credentials
true
x-session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6IjMwN2E4ZTFkLTVkNmItNDU3Zi1hZWVkLWEyYTFjMmNkNDE2MSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.Os9SBEpGv9Chcxu_LBReHFYgniKDl2hZ8IZN1eqRKz4
content-type
application/json
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
/
api.rollbar.com/api/1/item/ Frame D3F9
100 B
288 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.81.77 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
34a772fd6b46e737def644f011a8df6caa4ea4a8be307d3265086d983040fcd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-Rollbar-Access-Token
7aea3d3b183b4e55b0d73b7097da81dc
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 google
x-rate-limit-limit
5000
x-rate-limit-remaining-seconds
60
x-rate-limit-remaining
4999
status
200
alt-svc
clear
content-length
100
x-response-time
11ms
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rate-limit-reset
1581938629
access-control-allow-credentials
true
x-content-type-options
nosniff
outer.html
js.stripe.com/v2/m/ Frame E0EB
0
0
Document
General
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/

Response headers

status
200
x-amz-id-2
Ct6Lo35nU+8/khAA2ThjgqWzeWmfZpZ25TZdkuVTV08gFY/uED+O796iiroLrK/smOMkeuepW6c=
x-amz-request-id
082D8D93894DDA55
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 varnish
age
229
x-served-by
cache-hhn4054-HHN
x-cache
HIT
x-cache-hits
278
x-timer
S1581938570.573641,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
0
361 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-session

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
server
openresty/1.15.8.2
x-request-time-ms
-1877378624
status
204
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://offer.fevo.com
access-control-max-age
3600
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
access-control-expose-headers
X-Session
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
0
360 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-session

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
server
openresty/1.15.8.2
x-request-time-ms
-850313216
status
204
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://offer.fevo.com
access-control-max-age
3600
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
access-control-expose-headers
X-Session
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
0
360 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-session

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
server
openresty/1.15.8.2
x-request-time-ms
-24345920
status
204
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://offer.fevo.com
access-control-max-age
3600
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
access-control-expose-headers
X-Session
/
api.rollbar.com/api/1/item/ Frame D3F9
0
48 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.81.77 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-rollbar-access-token

Response headers

x-response-time
0ms
date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 google
x-content-type-options
nosniff
alt-svc
clear
server
nginx
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-rollbar-access-token
A980B0FF2DC8CCB3D6DEE274D46C1425
s3.amazonaws.com/fevo/www/media/ Frame D3F9
38 KB
38 KB
Image
General
Full URL
https://s3.amazonaws.com/fevo/www/media/A980B0FF2DC8CCB3D6DEE274D46C1425
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/vendor.200f0652.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6610e3dabc48fb80e01edfe47ed36a9dce7ab5acda7c4b05787bbb96b25ce03

Request headers

Referer
https://offer.fevo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 11:22:50 GMT
Last-Modified
Fri, 07 Feb 2020 15:24:41 GMT
Server
AmazonS3
x-amz-request-id
22C5A05423C06F04
ETag
"a980b0ff2dc8ccb3d6dee274d46c1425"
Content-Type
image/jpeg
Content-Length
38706
Accept-Ranges
bytes
x-amz-version-id
HRCIHKPbpH2cZAxeF1fu1D3Jfm.NHPLq
x-amz-id-2
kd+f/wlh65HYP7euog+xArZ3/rkEpOP6NDgONyLmXhundWB3plZUQdYt/RTvuZbhmz2aCtTozQo=
38E0416DE9A0E0EA7E40DBC6E01E2FEA
s3.amazonaws.com/fevo/www/media/ Frame D3F9
25 KB
25 KB
Image
General
Full URL
https://s3.amazonaws.com/fevo/www/media/38E0416DE9A0E0EA7E40DBC6E01E2FEA
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/vendor.200f0652.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
14225bba159dccfbc7544a0b3f013c9e75f0eeaf981ff0ca6c183fa3e41d6b49

Request headers

Referer
https://offer.fevo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 11:22:51 GMT
Last-Modified
Fri, 07 Feb 2020 15:24:41 GMT
Server
AmazonS3
x-amz-request-id
8D96D729BEA93E92
ETag
"38e0416de9a0e0ea7e40dbc6e01e2fea"
Content-Type
image/jpeg
Content-Length
25512
Accept-Ranges
bytes
x-amz-version-id
BTLH26E7sfNElweQfv3.y50_vpmT2EsK
x-amz-id-2
5fJTHuiCo19I3993YAZSaLoo/Kj6sp/1o9f7zhhDF3x2E1dEs5GnxCY/L/5SFSM66zrd+EVlg/Y=
hinted-MarkOT-Bold.woff2
s3.amazonaws.com/fevo/assets/fontface/mark-ot/ Frame D3F9
47 KB
48 KB
Font
General
Full URL
https://s3.amazonaws.com/fevo/assets/fontface/mark-ot/hinted-MarkOT-Bold.woff2
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/vendor.200f0652.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5b9297220fcb306c857149370785f136ffa0473095bf4d807fa1098960975783

Request headers

Referer
https://offer.fevo.com/typefaces.css
Origin
https://offer.fevo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 11:22:50 GMT
Last-Modified
Wed, 13 Jan 2016 18:26:33 GMT
Server
AmazonS3
x-amz-request-id
A6D6381E139B9774
ETag
"c294954989b52c16f78546ccf627b4d0"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, POST
x-amz-version-id
null
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/octet-stream
Content-Length
48436
x-amz-id-2
1tdhBKRmEw0xgWFP+m0u/5n9qEPzi0VhR9yK5sEtFV/YczdOaqc4Hy5EC5F0SfajUow3Rvtvq5g=
hinted-SharpSansNo1-Bold.woff2
s3.amazonaws.com/fevo/assets/fontface/sharp-sans/ Frame D3F9
48 KB
48 KB
Font
General
Full URL
https://s3.amazonaws.com/fevo/assets/fontface/sharp-sans/hinted-SharpSansNo1-Bold.woff2
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/js/vendor.200f0652.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.109.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f8d7d000683e38a06b12b03d5f1733c13b108f3e6b1384c48dc13bf5c1df326

Request headers

Referer
https://offer.fevo.com/typefaces.css
Origin
https://offer.fevo.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 11:22:51 GMT
Last-Modified
Tue, 15 Dec 2015 21:38:39 GMT
Server
AmazonS3
x-amz-request-id
4C104AC7D9109CB9
ETag
"fbf532d989bef4808321868cf4eb243d"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, PUT, POST
x-amz-version-id
null
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/octet-stream
Content-Length
49076
x-amz-id-2
Ynk41z1DVOTAgyUPCkrXOMqxiKv4iLgdPmeXW/m3EqMNEQxf2qAzhNqLsZKjSxKIr1QZtdhPiSg=
h
heapanalytics.com/ Frame D3F9
37 B
212 B
Image
General
Full URL
https://heapanalytics.com/h?a=3724017063&u=4648171270351818&v=1319986678475693&s=5484408073499345&b=web&tv=4.0&sp=r&sp=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&sp=ts&sp=1581938569050&sp=d&sp=offer.fevo.com&sp=h&sp=%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&pp=d&pp=offer.fevo.com&pp=h&pp=%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&pp=t&pp=Nurses%20Night&pp=ts&pp=1581938569050&id0=7119445921530494&k0=offerUri&k0=wizards-vs-bucks-hki4teb-048d3a9&k0=rootOfferUri&k0=wizards-vs-bucks-hki4teb-048d3a9&k0=offerPageUri&k0=wizards-vs-bucks-hki4teb-048d3a9&k0=hostUrl&k0=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&k0=isFevoHosted&k0=true&k0=clientUrl&k0=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&k0=hostDomain&k0=https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9&t0=select-offer&st=1581938569759&ei=68&et=variation
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.150.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-150-70.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:22:49 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
collect
www.google-analytics.com/ Frame D3F9
35 B
94 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1403813721&t=event&_s=3&dl=https%3A%2F%2Foffer.fevo.com%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F&ul=en-us&de=UTF-8&dt=Nurses%20Night&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=select-offer&_u=KEBAAUAB~&jid=&gjid=&cid=541567214.1581938569&tid=UA-72774165-5&_gid=1597929422.1581938569&gtm=2ou250&z=1289907883
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 01 Feb 2020 03:38:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1410263
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tm-verified-large.png
s1.ticketm.net/tm/en-us/img/static/verified/ Frame D3F9
9 KB
10 KB
Image
General
Full URL
https://s1.ticketm.net/tm/en-us/img/static/verified/tm-verified-large.png
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.87 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fb8e3bdb07b8141054615669b9226a18073ebacb367b3571f99eaf4ee1be77cc

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 varnish, 1.1 varnish
age
790771
x-cache
HIT, HIT
fastly-io-info
ifsz=10499 idim=247x69 ifmt=png ofsz=9648 odim=247x69 ofmt=png
status
200
fastly-stats
io=1
content-encoding
br
fastly-io-warning
Failed to shrink image
x-served-by
cache-bwi5123-BWI, cache-ams21034-AMS
server
Apache
x-timer
S1581938570.922405,VS0,VE1
etag
"uWngLwysvtLqQ6qdunBaC5vq4oeD9l/LIq76ZuXJJyI"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
none
x-cache-hits
1, 1
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
116 B
992 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
c9c0f0bebd55740ef701293d2785884d6adaf8369973b73a820711679151859b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
X-Session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
vary
Origin
status
200
strict-transport-security
max-age=15724800; includeSubDomains
content-length
116
server
openresty/1.15.8.2
x-request-time-ms
-1004076160
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
x-schema-version
0.0.0
access-control-allow-origin
https://offer.fevo.com
access-control-expose-headers
X-Session
access-control-allow-credentials
true
x-session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
content-type
application/json
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
114 B
989 B
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
5600ca9061732d313e7b0a7d726637ac48968b7e660d2609ccecbced6c147a9d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
X-Session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
vary
Origin
status
200
strict-transport-security
max-age=15724800; includeSubDomains
content-length
114
server
openresty/1.15.8.2
x-request-time-ms
-510191808
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
x-schema-version
0.0.0
access-control-allow-origin
https://offer.fevo.com
access-control-expose-headers
X-Session
access-control-allow-credentials
true
x-session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
content-type
application/json
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
wizards-vs-bucks-hki4teb-048d3a9
gtw-customer.offer.fevo.com/o/ Frame D3F9
280 B
1 KB
Fetch
General
Full URL
https://gtw-customer.offer.fevo.com/o/wizards-vs-bucks-hki4teb-048d3a9
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.210.82.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-82-228.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
9cd3e52b13db1b9e871803d3f5c5b206198d79b4dcd1b8e09337d347b7443c3f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
X-Session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
status
200
strict-transport-security
max-age=15724800; includeSubDomains
server
openresty/1.15.8.2
x-request-time-ms
2075753984
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
x-schema-version
0.0.0
access-control-allow-origin
https://offer.fevo.com
access-control-expose-headers
X-Session
access-control-allow-credentials
true
x-session
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
content-type
application/json
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, X-Session
/
api.rollbar.com/api/1/item/ Frame D3F9
100 B
180 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: offer.fevo.com
URL: https://offer.fevo.com/wizards-vs-bucks-hki4teb-048d3a9?fevoUri=wizards-vs-bucks-hki4teb-048d3a9%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.81.77 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dcead3e88243f8cba818ef14ad1037c5baf3e2210f3d3ce1e1c0f4844623e292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-Rollbar-Access-Token
7aea3d3b183b4e55b0d73b7097da81dc
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Feb 2020 11:22:49 GMT
via
1.1 google
x-rate-limit-limit
5000
x-rate-limit-remaining-seconds
60
x-rate-limit-remaining
4998
status
200
alt-svc
clear
content-length
100
x-response-time
12ms
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rate-limit-reset
1581938629
access-control-allow-credentials
true
x-content-type-options
nosniff
5d895f4f176f3507a3cbcc00
events.launchdarkly.com/events/bulk/ Frame D3F9
0
437 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5d895f4f176f3507a3cbcc00
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.204.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-204-79.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent

Response headers

Date
Mon, 17 Feb 2020 11:22:51 GMT
Access-Control-Max-Age
300
Access-Control-Allow-Methods
POST,OPTIONS,POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID
5d895f4f176f3507a3cbcc00
events.launchdarkly.com/events/bulk/ Frame D3F9
0
454 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5d895f4f176f3507a3cbcc00
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.204.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-204-79.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/3.1.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty
Content-Type
application/json

Response headers

Date
Mon, 17 Feb 2020 11:22:51 GMT
Access-Control-Max-Age
300
Access-Control-Allow-Methods
POST,OPTIONS,POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID
Content-Length
0
batch
event-collection.fevo.com/event/ Frame D3F9
0
359 B
XHR
General
Full URL
https://event-collection.fevo.com/event/batch
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.21.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-21-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Request-Method
POST
Origin
https://offer.fevo.com
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Mon, 17 Feb 2020 11:22:54 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
access-control-allow-origin
https://offer.fevo.com
x-frame-options
DENY
vary
Origin
access-control-allow-methods
POST
status
200
access-control-max-age
3600
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-headers
content-type
content-length
0
x-xss-protection
1; mode=block
batch
event-collection.fevo.com/event/ Frame D3F9
0
279 B
XHR
General
Full URL
https://event-collection.fevo.com/event/batch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.21.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-21-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://offer.fevo.com/api/iframe/wizards-vs-bucks-hki4teb-048d3a9/
Origin
https://offer.fevo.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Feb 2020 11:22:54 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
status
200
x-frame-options
DENY
access-control-allow-origin
https://offer.fevo.com
access-control-allow-credentials
true
x-content-type-options
nosniff
vary
Origin
content-length
0
x-xss-protection
1; mode=block

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
string| FEVO_SETTINGS
object| fevoSdk

8 Cookies

Domain/Path Name / Value
.offer.fevo.com/ Name: __stripe_sid
Value: a571941a-3041-4a0d-830f-cc25022b5c8c
.offer.fevo.com/ Name: gtw_customer_api_session
Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InZpZXdlciI6ImY1NzZmZDlhLWY1ODktNDA2MS1iMzUzLTBhZjI1ODg0MzQxZSJ9LCJleHAiOjE4OTcyOTg1NjksIm5iZiI6MTU4MTkzODU2OSwiaWF0IjoxNTgxOTM4NTY5fQ.GCP7JNJ_Y_X6PL-EKZZCVWTD6Qw_s1C6XaNmgm3HJuA
.offer.fevo.com/ Name: __stripe_mid
Value: b0d65725-0603-4933-9813-9808f191ad65
.fevo.com/ Name: _gid
Value: GA1.2.1597929422.1581938569
.fevo.com/ Name: _hp2_ses_props.3724017063
Value: %7B%22r%22%3A%22https%3A%2F%2Foffer.fevo.com%2Fwizards-vs-bucks-hki4teb-048d3a9%22%2C%22ts%22%3A1581938569050%2C%22d%22%3A%22offer.fevo.com%22%2C%22h%22%3A%22%2Fapi%2Fiframe%2Fwizards-vs-bucks-hki4teb-048d3a9%2F%22%7D
.fevo.com/ Name: _gat_gtag_UA_72774165_5
Value: 1
.fevo.com/ Name: _ga
Value: GA1.2.541567214.1581938569
.fevo.com/ Name: _hp2_id.3724017063
Value: %7B%22userId%22%3A%224648171270351818%22%2C%22pageviewId%22%3A%221319986678475693%22%2C%22sessionId%22%3A%225484408073499345%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

3 Console Messages

Source Level URL
Text
console-api warning URL: https://offer.fevo.com/js/main.b468a198.js(Line 1)
Message:
error using localStorage, using InMemoryStore
console-api warning URL: https://offer.fevo.com/js/vendor.200f0652.js(Line 2)
Message:
LD: [warn] Be sure to call `identify` in the LaunchDarkly client: https://docs.launchdarkly.com/docs/js-sdk-reference#section-analytics-events
console-api warning URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.5.2/rollbar.min.js(Line 2)
Message:
LocalStorageCookieManager: error using localStorage, using InMemoryStore

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
