gleam.io Open in urlscan Pro
172.66.40.77  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://go.eggforce.io/Ayfe Page URL
2. https://gleam.io/zRGSI/eggforcenft?utm_campaign=Airdrop100BUSD&utm_medium=eggforce&utm_source=social&utm_term=twitter&utm_content=post Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Ayfe Show response go.eggforce.io/	6 KB 7 KB	552ms 184ms	Document text/html	34.76.180.229 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.76.180.229 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 229.180.76.34.bc.googleusercontent.com Software Caddy / Resource Hash 15a419a4647296bf28d84d06ad2f3b55ccf691f053b3f953f5a55aad85275c8a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-origin * content-length 6640 content-type text/html; charset=utf-8 date Tue, 08 Nov 2022 16:37:40 GMT etag W/"19f0-VOfGvftgD6k9/TN11XIpuzw1FNE" server Caddy
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/	45 KB 17 KB	93ms 38ms	Script text/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash a765b6b49657c03fd21414da60eed05a7978b91fcf9f0818ca51cbca2f7ede0b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16836 x-xss-protection 0 server cafe etag 14253518212129236209 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 08 Nov 2022 16:37:40 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	103 KB 28 KB	27ms 9ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 08 Nov 2022 16:37:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27337 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug IRc83PXbN/5ZC9mQtFn+C5VJ047qsDbtrqHvIcPnJMkheHH4tjy/MM33C0EqyAZrnwgautiJtEmitiV6vYV0Yw== x-fb-trip-id 2050670934 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	99 KB 39 KB	61ms 26ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P2JKS3J Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 71e7e25405dca8e83ee0893c682e1cedccbc0163cc72bb1dce8bab02cf48e906 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39508 x-xss-protection 0 last-modified Tue, 08 Nov 2022 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 08 Nov 2022 16:37:40 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	37ms 6ms	Script application/javascript	146.75.116.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:40 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 16:56:53 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100081-IAD, cache-fra-eddf8230109-FRA
GET H2	200	gtm.js Show response www.googletagmanager.com/	143 KB 53 KB	76ms 42ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WSRDC4H Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 46358e5577e8bfde2e69fe336c62e3ebf6b8cc63f1b526a40afb3fa16cbac903 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53947 x-xss-protection 0 last-modified Tue, 08 Nov 2022 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 08 Nov 2022 16:37:40 GMT
GET H2	200	510200296355136 Show response connect.facebook.net/signals/config/	294 KB 85 KB	72ms 69ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/510200296355136?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fa56494b23a47277eac9e256599ced72ac65b97e96513cbd84699bff8ba6c423 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 08 Nov 2022 16:37:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug fpcNXnuXN8CRiXIBjMGrNl+QcfwtRcMMVmwByILfptjCbAVm5udhy+EmZM0iQ6jtVCjju3moEY9iAYPCxsPc3g== x-fb-trip-id 2050670934 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	adsct t.co/i/	43 B 376 B	166ms 149ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=b5304b52-4fd8-4449-a58c-19de89a9ff94&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=004761d8-75e7-46f3-a214-87d83436e65b&tw_document_href=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9grn&type=javascript&version=2.3.29 Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-response-time 142 date Tue, 08 Nov 2022 16:37:39 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id acb25e59ba94f585 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 8e6208f74c881294ac6f82c0113d511ab287546fdb7aa49bb084df018233e2da content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 395 B	133ms 117ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b5304b52-4fd8-4449-a58c-19de89a9ff94&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=004761d8-75e7-46f3-a214-87d83436e65b&tw_document_href=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9grn&type=javascript&version=2.3.29 Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-response-time 110 date Tue, 08 Nov 2022 16:37:39 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id c4ef34a34fe79079 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash fa0a84b14e6c1e54e36491bfa3d3947a0234a6f05a5b4bc964f02cfd8af5f605 content-length 43
GET H3	200	js Show response www.googletagmanager.com/gtag/	211 KB 74 KB	62ms 34ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XS68R0HRFR&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2JKS3J Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7fda062c457d660f7c03f1dec0e6be0a76edb68aa81f0acf0d654ceceacd8d10 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76002 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 08 Nov 2022 16:37:40 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-1000266555/	2 KB 2 KB	61ms 26ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-1000266555/?random=1667925460267&cv=9&fst=1667925460267&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tiba=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9c17b86b5bb4fb58e121b7eb4bf62c80dc6a3258896682dce34d3a5044d42cb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 964 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-1000266555/	2 KB 1 KB	60ms 27ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-1000266555/?random=1667925460271&cv=9&fst=1667925460267&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tiba=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 01bac3aa0b56d5c8e795aa69adcdd062242d89dd254ddb43bcf633e36490f006 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 964 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		mtc.js mautic.originstake.com/	0 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	211 KB 74 KB	41ms 29ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5L7C3059G1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSRDC4H Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 778bc7a82a119ba9f660be624a5968b48cab6392c4ed28392fb3bce743ef1513 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 75937 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 08 Nov 2022 16:37:40 GMT
GET H2	200	adsct t.co/i/	43 B 205 B	118ms 117ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=2dc8744e-0579-4690-a1dd-7f7006de8a12&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=004761d8-75e7-46f3-a214-87d83436e65b&tw_document_href=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9grn&type=javascript&version=2.3.29 Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-response-time 110 date Tue, 08 Nov 2022 16:37:39 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id f8276b31c9278cee cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 8e6208f74c881294ac6f82c0113d511ab287546fdb7aa49bb084df018233e2da content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 215 B	113ms 113ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2dc8744e-0579-4690-a1dd-7f7006de8a12&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=004761d8-75e7-46f3-a214-87d83436e65b&tw_document_href=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o9grn&type=javascript&version=2.3.29 Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-response-time 106 date Tue, 08 Nov 2022 16:37:39 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 59f0a116f9a25524 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash fa0a84b14e6c1e54e36491bfa3d3947a0234a6f05a5b4bc964f02cfd8af5f605 content-length 43
GET H2	200	/ www.facebook.com/tr/	0 185 B	28ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=510200296355136&ev=PageView&dl=https%3A%2F%2Fgo.eggforce.io%2FAyfe&rl=&if=false&ts=1667925460314&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221141101062909359%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22623612331815082%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221124588691233017%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22220021552720743%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1667925460313.1667293503&it=1667925460217&coo=false&rqm=GET Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 08 Nov 2022 16:37:40 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.google.com/pagead/1p-user-list/AW-1000266555/	42 B 548 B	63ms 28ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/AW-1000266555/?random=1667925460267&cv=9&fst=1667923200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tiba=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&fmt=3&is_vtc=1&random=1076704355&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/AW-1000266555/	42 B 108 B	69ms 34ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/AW-1000266555/?random=1667925460267&cv=9&fst=1667923200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tiba=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&fmt=3&is_vtc=1&random=1076704355&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/AW-1000266555/	42 B 108 B	62ms 28ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/AW-1000266555/?random=1667925460271&cv=9&fst=1667923200000&num=2&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tiba=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&fmt=3&is_vtc=1&random=3442864615&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/AW-1000266555/	42 B 548 B	61ms 27ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/AW-1000266555/?random=1667925460271&cv=9&fst=1667923200000&num=2&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fgo.eggforce.io%2FAyfe&tiba=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&fmt=3&is_vtc=1&random=3442864615&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 346 B	50ms 19ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-5L7C3059G1&gtm=2oeb20&_p=1068445905&cid=1243803619.1667925460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667925460&sct=1&seg=0&dl=https%3A%2F%2Fgo.eggforce.io%2FAyfe&dt=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5L7C3059G1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.eggforce.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 45 B	22ms 19ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-XS68R0HRFR&gtm=2oeb20&_p=1068445905&cid=1243803619.1667925460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667925460&sct=1&seg=0&dl=https%3A%2F%2Fgo.eggforce.io%2FAyfe&dt=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XS68R0HRFR&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Tue, 08 Nov 2022 16:37:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.eggforce.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	403	Primary Request eggforcenft Show response gleam.io/zRGSI/	58 KB 40 KB	225ms 72ms	Document text/html	172.66.40.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gleam.io/zRGSI/eggforcenft?utm_campaign=Airdrop100BUSD&utm_medium=eggforce&utm_source=social&utm_term=twitter&utm_content=post Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4170a6419bd8117b4e110edaea058909cc65d071686ce40cc00ee8d575fb83fc Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://go.eggforce.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 766fbc123e636910-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 08 Nov 2022 16:37:40 GMT expires Thu, 01 Jan 1970 00:00:01 GMT referrer-policy same-origin server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff
GET H3	200	/ www.facebook.com/tr/	0 18 B	17ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=510200296355136&ev=Microdata&dl=https%3A%2F%2Fgo.eggforce.io%2FAyfe&rl=&if=false&ts=1667925460817&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.eggforce.io%2FAyfe%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fce8f609cc.cloudimg.io%2Fcrop%2F1200x630%2Ffoil1.95%2Fhttps%253A%252F%252Ffirebasestorage.googleapis.com%252Fv0%252Fb%252Furlshortener-f1125.appspot.com%252Fo%252Fimages%25252Fpublic%25252Flinks%25252F2022-11-07T13%25253A57%25253A59.744Z%253Falt%253Dmedia%2526token%253D0115ad0c-6dbb-47b0-9e2f-c3e3a6652364%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fgo.eggforce.io%2FAyfe%22%2C%22twitter%3Atitle%22%3A%22%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D%22%2C%22twitter%3Adescription%22%3A%22%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fce8f609cc.cloudimg.io%2Fcrop%2F1200x630%2Ffoil1.95%2Fhttps%253A%252F%252Ffirebasestorage.googleapis.com%252Fv0%252Fb%252Furlshortener-f1125.appspot.com%252Fo%252Fimages%25252Fpublic%25252Flinks%25252F2022-11-07T13%25253A57%25253A59.744Z%253Falt%253Dmedia%2526token%253D0115ad0c-6dbb-47b0-9e2f-c3e3a6652364%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667925460313.1667293503&it=1667925460217&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://go.eggforce.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 08 Nov 2022 16:37:40 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
POST		collect region1.google-analytics.com/g/	0 0
POST		collect region1.google-analytics.com/g/	0 0
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a7ee3f7a5d07ff9d0a12bde19c3584acdc2943d6525235022f504caa19d3d83a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542 Request headers Referer Origin https://gleam.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988 Request headers Referer Origin https://gleam.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type font/woff2
GET H3	200	invisible.js Show response gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 5AAB	35 KB 15 KB	60ms 30ms	Script application/javascript	172.66.40.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667923200 Requested by Host: go.eggforce.io URL: https://go.eggforce.io/Ayfe Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d42cf06d0e1764190c3a3a1328efe613bf2dc89cfa234117742224a0522a2113 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:41 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-encoding br server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 766fbc131eb6928f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pica.js gleam.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 5AAB	20 KB 8 KB	18ms 17ms	Other application/javascript	172.66.40.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 684b9ebcfd37e3a5acafc8b88835a9627277f571350c722949e62e2182f569c0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 08 Nov 2022 16:37:41 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-encoding br server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 766fbc136f3f928f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	766fbc123e636910 Show response gleam.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 5AAB	2 B 438 B	60ms 59ms	XHR text/plain	172.66.40.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gleam.io/cdn-cgi/challenge-platform/h/b/cv/result/766fbc123e636910 Requested by Host: gleam.io URL: https://gleam.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667923200 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers date Tue, 08 Nov 2022 16:37:41 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff content-encoding br server cloudflare content-type text/plain; charset=UTF-8 cf-ray 766fbc156b1b928f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mautic.originstake.com

URL

https://mautic.originstake.com/mtc.js

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-5L7C3059G1&gtm=2oeb20&_p=1068445905&cid=1243803619.1667925460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667925460&sct=1&seg=0&dl=https%3A%2F%2Fgo.eggforce.io%2FAyfe&dt=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&en=scroll&epn.percent_scrolled=90&_et=8

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-XS68R0HRFR&gtm=2oeb20&_p=1068445905&cid=1243803619.1667925460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667925460&sct=1&seg=0&dl=https%3A%2F%2Fgo.eggforce.io%2FAyfe&dt=%5BAIRDROP%20100%20BUSD%20EGGFORCENFT%20X%20AG%20CRYPTO%5D&en=scroll&epn.percent_scrolled=90&_et=8

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| campaignId

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.eggforce.io/	1970-01-20 09:28:21	Name: _fbp Value: fb.1.1667925460313.1667293503
			.doubleclick.net/	1970-01-20 07:18:46	Name: test_cookie Value: CheckForPermission
			.eggforce.io/	1970-01-20 16:54:45	Name: _ga_5L7C3059G1 Value: GS1.1.1667925460.1.0.1667925460.0.0.0
			.eggforce.io/	1970-01-20 16:54:45	Name: _ga Value: GA1.1.1243803619.1667925460
			.twitter.com/	1970-01-20 16:54:45	Name: personalization_id Value: "v1_/m1MFm93yt6jfBftciS3gw=="
			.t.co/	1970-01-20 16:54:45	Name: muc_ads Value: 9a95a6d8-0434-457d-b753-97f308e8d572
			.eggforce.io/	1970-01-20 16:54:45	Name: _ga_XS68R0HRFR Value: GS1.1.1667925460.1.0.1667925460.0.0.0
			.gleam.io/	1970-01-20 07:18:47	Name: __cf_bm Value: bheGGMDcihlBCk.Q6jD.1VF73Ru8sU66aaWrKbx_8ps-1667925461-0-AULp+IOZJnDUtdGWYg4b94M7U0tXc0GNGxLGsfHfuciGnXzvi8Jo7yzdFu60PjKDLNzEGMqSQnLGZFSsvwafx+CE9y3zWkFUFG1P72NhgIQbqBUmm/2/CmHZm5WmbICRNyIUWfGjayRnQHhRhxv3zVF+mpXsZ/Oe5psiGT4E1lYU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gleam.io/zRGSI/eggforcenft?utm_campaign=Airdrop100BUSD&utm_medium=eggforce&utm_source=social&utm_term=twitter&utm_content=post Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
connect.facebook.net
gleam.io
go.eggforce.io
googleads.g.doubleclick.net
mautic.originstake.com
region1.google-analytics.com
static.ads-twitter.com
t.co
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
mautic.originstake.com
region1.google-analytics.com
104.244.42.133
104.244.42.195
142.250.186.34
146.75.116.157
172.66.40.77
2001:4860:4802:34::36
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2008
2a00:1450:4001:830::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.76.180.229
01bac3aa0b56d5c8e795aa69adcdd062242d89dd254ddb43bcf633e36490f006
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
15a419a4647296bf28d84d06ad2f3b55ccf691f053b3f953f5a55aad85275c8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4170a6419bd8117b4e110edaea058909cc65d071686ce40cc00ee8d575fb83fc
46358e5577e8bfde2e69fe336c62e3ebf6b8cc63f1b526a40afb3fa16cbac903
684b9ebcfd37e3a5acafc8b88835a9627277f571350c722949e62e2182f569c0
71e7e25405dca8e83ee0893c682e1cedccbc0163cc72bb1dce8bab02cf48e906
778bc7a82a119ba9f660be624a5968b48cab6392c4ed28392fb3bce743ef1513
7fda062c457d660f7c03f1dec0e6be0a76edb68aa81f0acf0d654ceceacd8d10
9c17b86b5bb4fb58e121b7eb4bf62c80dc6a3258896682dce34d3a5044d42cb6
a765b6b49657c03fd21414da60eed05a7978b91fcf9f0818ca51cbca2f7ede0b
a7ee3f7a5d07ff9d0a12bde19c3584acdc2943d6525235022f504caa19d3d83a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d42cf06d0e1764190c3a3a1328efe613bf2dc89cfa234117742224a0522a2113
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fa56494b23a47277eac9e256599ced72ac65b97e96513cbd84699bff8ba6c423