urlscan.io logo urlscan.io
SecurityTrails logo

carrken.fordeal.com Open in urlscan Pro
104.18.20.145  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://carrken.fordeal.com/
Effective URL: https://carrken.fordeal.com/de-DE/
Submission: On November 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 72 HTTP transactions. The main IP is 104.18.20.145, located in and belongs to CLOUDFLARENET, US. The main domain is carrken.fordeal.com.
TLS certificate: Issued by E6 on October 3rd 2024. Valid for: 3 months.
This is the only time carrken.fordeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 104.18.20.145 13335 (CLOUDFLAR...)
9 104.18.25.201 13335 (CLOUDFLAR...)
19 104.18.24.201 13335 (CLOUDFLAR...)
1 2600:9000:264... 16509 (AMAZON-02)
2 157.240.253.1 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
2 157.240.253.35 32934 (FACEBOOK)
1 142.250.185.100 15169 (GOOGLE)
1 54.81.184.157 14618 (AMAZON-AES)
5 54.204.202.163 14618 (AMAZON-AES)
1 52.85.65.36 16509 (AMAZON-02)
3 2600:9000:21f... 16509 (AMAZON-02)
72 16
18    104.18.20.145 (None, )

ASN13335 (CLOUDFLARENET, US)
carrken.fordeal.com
gw.fordeal.com
dot.fordeal.com
9    104.18.25.201 (None, )

ASN13335 (CLOUDFLARENET, US)
s4.forcloudcdn.com
s3.forcloudcdn.com
19    104.18.24.201 (None, )

ASN13335 (CLOUDFLARENET, US)
s3.forcloudcdn.com
1    2600:9000:2644:2a00:f:1b37:e600:93a1 (United States)

ASN16509 (AMAZON-02, US)
b1c895c26dcd.cdn4.forter.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.de
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
1    54.81.184.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-184-157.compute-1.amazonaws.com
305868e930434e6385c0fe4f10de6d77-b1c895c26dcd.cdn.forter.com
5    54.204.202.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-202-163.compute-1.amazonaws.com
cdn0.forter.com
1    52.85.65.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-36.muc50.r.cloudfront.net
cdn3.forter.com
3    2600:9000:21f3:2600:10:f40e:dd80:21 (United States)

ASN16509 (AMAZON-02, US)
df45ay5pw60dy.cloudfront.net
Apex Domain
Subdomains		 Transfer
28 forcloudcdn.com
s4.forcloudcdn.com
s3.forcloudcdn.com
235 KB
18 fordeal.com
carrken.fordeal.com
gw.fordeal.com
dot.fordeal.com
dot-hub-x.fordeal.com Failed
28 KB
8 forter.com
b1c895c26dcd.cdn4.forter.com — Cisco Umbrella Rank: 551982
305868e930434e6385c0fe4f10de6d77-b1c895c26dcd.cdn.forter.com
cdn0.forter.com — Cisco Umbrella Rank: 4475
cdn3.forter.com — Cisco Umbrella Rank: 3911
161 KB
3 cloudfront.net
df45ay5pw60dy.cloudfront.net
838 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
www.google.com — Cisco Umbrella Rank: 3
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
230 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
557 B
0 sc-static.net Failed
sc-static.net Failed
72 11
Domain Requested by
21 s3.forcloudcdn.com s4.forcloudcdn.com
carrken.fordeal.com
10 gw.fordeal.com s4.forcloudcdn.com
7 s4.forcloudcdn.com carrken.fordeal.com
6 dot.fordeal.com s4.forcloudcdn.com
5 cdn0.forter.com
3 df45ay5pw60dy.cloudfront.net
3 www.googletagmanager.com s4.forcloudcdn.com
www.googletagmanager.com
2 www.facebook.com carrken.fordeal.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net s4.forcloudcdn.com
connect.facebook.net
2 carrken.fordeal.com 1 redirects
1 cdn3.forter.com
1 305868e930434e6385c0fe4f10de6d77-b1c895c26dcd.cdn.forter.com
1 www.google.com www.googletagmanager.com
1 www.google.de carrken.fordeal.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 b1c895c26dcd.cdn4.forter.com carrken.fordeal.com
0 dot-hub-x.fordeal.com Failed carrken.fordeal.com
0 sc-static.net Failed s4.forcloudcdn.com
72 19
Subject Issuer Validity Valid
fordeal.com
E6		 2024-10-03 -
2025-01-01		 3 months crt.sh
forcloudcdn.com
E6		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.cdn4.forter.com
Amazon RSA 2048 M03		 2024-08-08 -
2025-09-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-05 -
2024-12-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.de
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.cdn.forter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-10 -
2025-08-10		 a year crt.sh
cdn0.forter.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-10 -
2025-07-08		 a year crt.sh
cdn3.forter.com
Amazon RSA 2048 M02		 2024-06-19 -
2025-07-18		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh

This page contains 3 frames:

Primary Page: https://carrken.fordeal.com/de-DE/
Frame ID: CDB3F43201E8F2197148B6D79D202B65
Requests: 69 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fcarrken.fordeal.com
Frame ID: CB4A348F4817B10D3B75D1540C531FEE
Requests: 1 HTTP requests in this frame

Frame: https://dot-hub-x.fordeal.com/api/csp-reports?who=client_customer&app=fordeal
Frame ID: E90AF912F3EAC9C4B8BB4BE92507573C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CarrKen

Page URL History Show full URLs

  1. https://carrken.fordeal.com/ HTTP 302
    https://carrken.fordeal.com/de-DE/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • forter\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

72
Requests

94 %
HTTPS

33 %
IPv6

11
Domains

19
Subdomains

16
IPs

4
Countries

730 kB
Transfer

1962 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://carrken.fordeal.com/ HTTP 302
    https://carrken.fordeal.com/de-DE/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
carrken.fordeal.com/de-DE/
Redirect Chain
  • https://carrken.fordeal.com/
  • https://carrken.fordeal.com/de-DE/
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11c0ecf7817f5dd9a364b32a440bbcd5f5a92d6078459d60b7ce1d99a661429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e917644dc9b2681-TXL
content-encoding
gzip
content-security-policy-report-only
default-src https:; script-src 'report-sample' 'self' 'nonce-0b151674a4bea5223401b123d7353533' 'sha256-Uar6/o6bHxLbvYdSPaAi9aPBl0o2QLBH4YZtTV7Yh9U=' *.forcloudcdn.com *.forter.com analytics.tiktok.com analytics.twitter.com app.link cdn.branch.io connect.facebook.net dkupaw9ae63a8.cloudfront.net googleads.g.doubleclick.net maps.googleapis.com sc-static.net static.ads-twitter.com tools.luckyorange.com tr.snapchat.com websdk.appsflyer.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.youtube.com; style-src 'self' 'unsafe-inline' *.forcloudcdn.com fonts.googleapis.com; connect-src https: wss:; img-src data: https:; font-src data: https:; frame-src 'self' bid.g.doubleclick.net bytedance: fordeal: sslocal: tr.snapchat.com tr6.snapchat.com www.facebook.com www.youtube.com; object-src 'none'; child-src 'self' blob:; base-uri 'none'; report-uri https://dot-hub-x.fordeal.com/api/csp-reports?who=client_customer&app=fordeal
content-type
text/html; charset=utf-8
date
Wed, 27 Nov 2024 10:33:47 GMT
referrer-policy
origin,strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Language, User-Agent
x-cache-status
BYPASS
x-content-type-options
nosniff
x-server
aws-ir1-front-gacha-prod-030128

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=0
cf-cache-status
DYNAMIC
cf-ray
8e9176444bf02681-TXL
content-length
142
content-type
text/html
date
Wed, 27 Nov 2024 10:33:46 GMT
location
/de-DE/
server
cloudflare
vary
Cookie
footer.css
s4.forcloudcdn.com/-/libs/fd-base-style/1.4.2/base.pc.css,libs/fd-pc-module/1.7.5/shop-header.css,libs/fd-pc-module/1.7.5/ 		32 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/-/libs/fd-base-style/1.4.2/base.pc.css,libs/fd-pc-module/1.7.5/shop-header.css,libs/fd-pc-module/1.7.5/footer.css
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63386a24c96f57641105dd87151d9605a639397b9b56993babd0b964a859e2dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"7faa-qkr98gwjp0DnZCXkKzF8Nj7w4Mc"
cf-cache-status
HIT
expires
Thu, 27 Nov 2025 10:33:47 GMT
cf-polished
origSize=32682
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 31 Jan 2024 08:40:40 GMT
vary
Origin, Accept-Encoding
web
aws-ir1-front-cdnsrc-prod-017224
x-cache-status
MISS
cache-control
public, max-age=31536000
cf-ray
8e9176474bb5e51b-TXL
access-control-allow-origin
*
server
cloudflare
detail.css
s4.forcloudcdn.com/assets/pc-fd-shop/0.2.0/ 		14 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/assets/pc-fd-shop/0.2.0/detail.css
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3e7dc9b30b0489d73abd2788339c773674400287330209df4fa5c201448066

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"267a2ee4feb9991b901811f93a31fb2b"
x-amz-version-id
null
expires
Thu, 27 Nov 2025 10:33:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
content-type
text/css
last-modified
Wed, 31 Jan 2024 11:56:50 GMT
vary
Accept-Encoding
x-amz-id-2
ZlMq35XsV2sNhGJO7+XUH6DJrDYx7BRrWYC91oV3ZSIEdsPrikBDgKHMuKnQrAHHLlhUOaHUGJE=
cache-control
public, max-age=31536000
x-amz-request-id
STXADJX2TT20GR1G
cf-ray
8e9176474bace51b-TXL
server
cloudflare
x-amz-server-side-encryption
AES256
js.cookie.min.js
s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a848016ddc7df00d5bcac65a24a0996a2a58748f4122281ea5de050139464d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://carrken.fordeal.com/

Response headers

x-cache-status
MISS
server
cloudflare
cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1b322-RI56WUDcvwLcAccO0sckgAnbxNU"
cf-ray
8e9176474a2ee517-TXL
expires
Thu, 27 Nov 2025 10:33:47 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
web
aws-ir1-front-cdnsrc-prod-016055
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
last-modified
Mon, 25 Dec 2023 03:31:17 GMT
base.js
s4.forcloudcdn.com/-/libs/fd-polyfill/1.2.1/polyfill.js,libs/fd-f/3.7.2/f.js,libs/fd-ttl-cache/1.0.2/cache.js,libs/fd-image/1.6.1/image.js,libs/fd-base/1.8.7/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.2.1/polyfill.js,libs/fd-f/3.7.2/f.js,libs/fd-ttl-cache/1.0.2/cache.js,libs/fd-image/1.6.1/image.js,libs/fd-base/1.8.7/base.js
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de82ba0f89d863e912f5f5d570ffb41a5f6d5a3d0bde976565d183df0ac271d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://carrken.fordeal.com/

Response headers

x-cache-status
MISS
server
cloudflare
cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"ad66-GCbqd7mJTrnZl5CbS8b9YyIfLPk"
cf-ray
8e9176474a27e517-TXL
expires
Thu, 27 Nov 2025 10:33:47 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
web
aws-ir1-front-cdnsrc-prod-026130
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
last-modified
Wed, 06 Dec 2023 08:00:22 GMT
promotion.js
s4.forcloudcdn.com/-/libs/fd-url/1.6.3/url.js,libs/fd-dwp/1.10.0/dwp.js,libs/fd-dce/1.1.2/dce.js,libs/fd-f-dot/1.1.0/f-dot.js,libs/fd-trace/1.0.17/trace.js,libs/fd-promotion/1.14.4/ 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/-/libs/fd-url/1.6.3/url.js,libs/fd-dwp/1.10.0/dwp.js,libs/fd-dce/1.1.2/dce.js,libs/fd-f-dot/1.1.0/f-dot.js,libs/fd-trace/1.0.17/trace.js,libs/fd-promotion/1.14.4/promotion.js
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de098b7d278b30d7f1b00b433f8e2872c2a73c13b7bf23cc09f40e754613a431

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://carrken.fordeal.com/

Response headers

x-cache-status
MISS
server
cloudflare
cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"13b35-r2cbtm+4vYK8elHoiJWdXy5v9Yw"
cf-ray
8e9176474a2ae517-TXL
expires
Thu, 27 Nov 2025 10:33:47 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
web
aws-ir1-front-cdnsrc-prod-028094
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
last-modified
Mon, 22 Jan 2024 08:08:07 GMT
footer.js
s4.forcloudcdn.com/-/libs/fd-vue-ui/1.1.2/popper.js,libs/fd-pc-module/1.7.5/shop-header.js,libs/fd-pc-module/1.7.5/ 		198 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/-/libs/fd-vue-ui/1.1.2/popper.js,libs/fd-pc-module/1.7.5/shop-header.js,libs/fd-pc-module/1.7.5/footer.js
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d9cf4011b45d83bd42548546b10ec2ac5de837b645024a82d9b469c24986be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://carrken.fordeal.com/

Response headers

x-cache-status
MISS
server
cloudflare
cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"3162f-nNolhJl/Cmd5qUq9Qp59kWwAUOM"
cf-ray
8e9176474a20e517-TXL
expires
Thu, 27 Nov 2025 10:33:47 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
web
aws-ir1-front-cdnsrc-prod-017224
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
last-modified
Wed, 31 Jan 2024 08:40:41 GMT
detail.js
s4.forcloudcdn.com/assets/pc-fd-shop/0.2.0/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.forcloudcdn.com/assets/pc-fd-shop/0.2.0/detail.js
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c4bcbc5bc1f20d460cd3e818a03672820d2f74a7304cfd43e52be622b3ad63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
6000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"f3a012c6002b4aa09ad8aba22dfd5711"
x-amz-version-id
null
access-control-allow-methods
GET
expires
Thu, 27 Nov 2025 10:33:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 31 Jan 2024 11:56:50 GMT
x-amz-id-2
cJbTnp+ViUNo1Nf1d/UFKeXDVRpzwsaKc5Q6k7ElteGwiVYZI5WMKtae6uXN11NR5PrCqMneU98=
cache-control
public, max-age=31536000
x-amz-request-id
XQJG8TP38QNBAXH8
cf-ray
8e9176474a24e517-TXL
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/ 		106 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0deba05fe16e6195f8922699cf650e0895a3095a33d4585773970eeb67d0f6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Montserrat-Regular.54728048.woff2
s3.forcloudcdn.com/assets/fd-shared/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/fonts/Montserrat-Regular.54728048.woff2
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-base-style/1.4.2/base.pc.css,libs/fd-pc-module/1.7.5/shop-header.css,libs/fd-pc-module/1.7.5/footer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15349bbd9d7d527b01aedfb700750f554fe4da177e30334ffd55ef5f56a039a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://s4.forcloudcdn.com/

Response headers

access-control-max-age
6000
cf-cache-status
MISS
etag
"547280480741beea41eee6d45aa0ab51"
x-amz-version-id
dTPBzyImg90qwpGkD40GxLiv18tYDyUv
access-control-allow-methods
GET
expires
Thu, 27 Nov 2025 10:33:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:47 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:33:00 GMT
x-amz-id-2
hnkOiWAOmghomsX/bNa7ZV/lWB+8tHd6hGysx3TjDd/UzIonvB0mfWNnoIbIeby9iBmNoLWw/YI=
cache-control
public, max-age=31536000
x-amz-request-id
XQJZ5VDEPH3YHK9V
cf-ray
8e9176492a81e517-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
14172
server
cloudflare
1
gw.fordeal.com/gw/dwp.horizon.config/ 		398 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?sid=1&data=%7B%22key%22%3A%22h5TrackerConfig%22%7D&gw_ver=1&ct=1732703627795&plat=pc&appname=fordeal&sign=6b43b7e88d04c86c7e6b0038e537fcc1&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c67d81f49c95dbeb81971a63c76e6188a65ec54f5d691375eb16f7575241ab
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
content-encoding
br
cf-cache-status
DYNAMIC
gw-st
1732703628076
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
0
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.268.17327036280767495
access-control-allow-credentials
true
cf-ray
8e91764b1c302681-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
gw-code
1001
truncated
/ 		323 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69a066768537ea861b3418084e6bb16e3660938019fd0abcc4adc76db16b8d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
1
gw.fordeal.com/gw/dwp.trade-center-api.divisionRegionAll/ 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.trade-center-api.divisionRegionAll/1?sid=2&data=&gw_ver=1&ct=1732703628013&plat=pc&appname=fordeal&sign=1708810f9607204aa20f6b9cadaeb39e&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9312cc43989e04f0a53308e5f34bc3c0d6f2091f8955f2f12550209cfc3442
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
1
content-encoding
gzip
cf-cache-status
DYNAMIC
gw-st
1732703628262
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
5
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.361.17327036282571531
access-control-allow-credentials
true
cf-ray
8e91764c5b1a58f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
trade-center-589f47657c-bz8k7
server
cloudflare
gw-code
1001
1
gw.fordeal.com/gw/dwp.item_api.getShopDetail/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.item_api.getShopDetail/1?sid=3&data=%7B%22merchantDomain%22%3A%22carrken.fordeal.com%22%7D&gw_ver=1&ct=1732703628087&plat=pc&appname=fordeal&sign=cabf0ba99d52d3b5e21a3528a4685c2d&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e0077300c4f8ff2e9e5faaafd442641ef6aa0d03b39e940fe74b44e3dd4e50
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
6
cf-cache-status
DYNAMIC
content-encoding
br
gw-st
1732703628266
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
10
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.177.17327036282569513
access-control-allow-credentials
true
cf-ray
8e91764c5b1f58f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
item-service-656b6c5645-mppcj
server
cloudflare
gw-code
1001
1
gw.fordeal.com/gw/dwp.customerCenter.freePostage/ 		178 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.customerCenter.freePostage/1?sid=4&data=&gw_ver=1&ct=1732703628172&plat=pc&appname=fordeal&sign=ba0d83a2a1bc8ffc0896e3402859b168&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2911a5e982571e42dd8a5c8c97b643b0d9a8ac30a1cfc9bd407a7496e3edc9ae
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
0
cf-cache-status
DYNAMIC
content-encoding
br
gw-st
1732703628265
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
9
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.355.17327036282568915
access-control-allow-credentials
true
cf-ray
8e91764c5b2058f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
customer-center-6db548f899-bwbpq
server
cloudflare
gw-code
1001
1
gw.fordeal.com/gw/dwp.tradeCartWeb.countCart/ 		107 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.tradeCartWeb.countCart/1?sid=5&data=&gw_ver=1&ct=1732703628173&plat=pc&appname=fordeal&sign=d05f9a28dfc23373dbe0c7899f4b7b96&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1acee1ab01f9fb4934ae143c9ba5d071f9c0e6b833f6c384484d49936d5168
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
2
cf-cache-status
DYNAMIC
content-encoding
br
gw-st
1732703628262
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
8
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.521.17327036282543895
access-control-allow-credentials
true
cf-ray
8e91764c5b2158f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
cart-center-566d698cc6-7s5x8
server
cloudflare
gw-code
1001
1
gw.fordeal.com/gw/dwp.cheetah.mget/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.mget/1?sid=6&data=%7B%22pids%22%3A%22114923%2C114933%2C114934%2C114935%22%7D&gw_ver=1&ct=1732703628175&plat=pc&appname=fordeal&sign=822cb1a286e2ab2d68bf0cc7c5b850ca&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a930bf07fa4825e0d837876fb3f27ef80ddb8f018bab89906219f697b9a0d05
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
6
cf-cache-status
DYNAMIC
content-encoding
br
gw-st
1732703628269
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
9
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.294.17327036282603395
access-control-allow-credentials
true
cf-ray
8e91764c5b2558f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
cheetah-84458df486-ghshc
server
cloudflare
gw-code
1001
dd9a812e-2c88-405b-82aa-a9d50a4b9cb7.svg
s3.forcloudcdn.com/dmc/ 		690 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/dd9a812e-2c88-405b-82aa-a9d50a4b9cb7.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4489d7f9b2cda79b8237370d6b366e03be68a04aa279b8a144dc42256b9d5dd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
0ECgH3RObjKKgibUE.9n27kHio5rQYXX
etag
W/"fd8982e7f3265f4df7eb5a0478932a76"
age
2763291
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Dec 2020 07:51:43 GMT
vary
Accept-Encoding
x-amz-id-2
7K/4ym+0RT231NHlcOvMbDKOTi5s0dhId3ylHxofdvQ2oIOPSjFJt/rzp9yadXu8PAhdxlhIVo8=
cache-control
public, max-age=2678400
x-amz-request-id
MF8AYEBMC4Q2QW9J
cf-ray
8e91764faac0e521-TXL
server
cloudflare
0484da8e-72cb-443a-bbed-92806d56cf1c.svg
s3.forcloudcdn.com/dmc/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/0484da8e-72cb-443a-bbed-92806d56cf1c.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1600bf16a821098b0cfb481fc0e6d8440b1c0c0828623a27ceb8b6193d1b5eb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
yjI7bre2xaxJrcDJo8BLvFUmCHLDwcov
etag
W/"1cfcd5af030d2898d8b5a12c60e4c3dd"
age
2794234
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Dec 2020 07:51:43 GMT
vary
Accept-Encoding
x-amz-id-2
0PQVRPbY/1cZS/X7oeBnxSHHbKzpX5WMB5xeeUqhhUlpzdDZoVuCpoHrEYFx6xzB2iKjs0kFS+OtV49h+JNGQg==
cache-control
public, max-age=2678400
x-amz-request-id
A7MHGD4SXDKDDWTA
cf-ray
8e91764faab7e521-TXL
server
cloudflare
7fa001b7-9521-40a0-be38-1e11c84b780c.svg
s3.forcloudcdn.com/dmc/ 		354 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/7fa001b7-9521-40a0-be38-1e11c84b780c.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e4fb6b45eaab42347fcc2e5a33a2d1cdbab61b97d3a4bf7fb7dc028985017b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
72zfSNc1qzFt1yOLsl55SY5vKaKlrAt7
etag
W/"8947d8ffd7d6f1fafbc7857ec914d494"
age
536186
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Dec 2020 07:51:42 GMT
vary
Accept-Encoding
x-amz-id-2
lt4641MFRPb6E7gxzoWyitg6R0B+OoW6EdfkLgBeAfH104jWz98iicDvuea0bmmTvQPDa1y/Zzw=
cache-control
public, max-age=2678400
x-amz-request-id
TSJYTWT2JN920MEG
cf-ray
8e91764faad1e521-TXL
server
cloudflare
d2850f95-7eb4-47b4-8ec9-a36aae1213c5.svg
s3.forcloudcdn.com/dmc/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/d2850f95-7eb4-47b4-8ec9-a36aae1213c5.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a4d33167f969c3a15858db0e93efa46c53b69668cafad85c1f6d272aa4e5d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
kwCFutP0Lgnpyfn3jsXdSo7TGu0KAN1C
etag
W/"db8a1721faae2bcefd4609023836f8d6"
age
2763291
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Dec 2020 07:51:42 GMT
vary
Accept-Encoding
x-amz-id-2
5cSb5FW/LPGsGB0BoXHdMn7j6gAN3XjB9V7SFnsEXrs9YjLvF/2gnfm7AwRsGpAfOohBW3LKHl0=
cache-control
public, max-age=2678400
x-amz-request-id
XFX41Z220F710M9F
cf-ray
8e91764faacce521-TXL
server
cloudflare
1
gw.fordeal.com/gw/dwp.pandora.search/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.pandora.search/1?sid=7&data=%7B%22sort%22%3A%22pop%22%2C%22page%22%3A1%2C%22pageSize%22%3A40%2C%22cparam%22%3A%22%22%2C%22code%22%3A%22shop_detail%22%2C%22shopId%22%3A5078%7D&gw_ver=1&ct=1732703628508&plat=pc&appname=fordeal&sign=11bfb8964647c86fa0196939b12c6a5d&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5954a368cfd7c60a6908df70c3e4fdcc929e430db409800a29ef581972a3f6c
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
5
cf-cache-status
DYNAMIC
content-encoding
br
gw-st
1732703628575
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
7
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.506.17327036285682869
access-control-allow-credentials
true
cf-ray
8e91764e6e2658f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
pandora-74fb446ccc-ntv4c
server
cloudflare
gw-code
1001
script.js
b1c895c26dcd.cdn4.forter.com/sn/b1c895c26dcd/ 		344 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b1c895c26dcd.cdn4.forter.com/sn/b1c895c26dcd/script.js
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:2a00:f:1b37:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bdc3059384f3ef4f5bad86148327e9ad20970bfb37ad12831176815a3b92ef5d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
etag
W/"d8b25fff7e56fb8bfa8a2aa319df1d2f"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
LORYk7C9hmMoKuObg_HM9BjAlpA51FKqNn4ca9NTFjQYamWc8ELyeg==
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 09:32:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=86400; includeSubDomains
cache-control
private, immutable, max-age=600
timing-allow-origin
*
via
1.1 337ce1d1833905a0473cbaec913a354c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-sourcemap
https://cdn4.forter.com/map/suid/b1c895c26dcd/62066742380
x-amz-cf-pop
FRA60-P6
truncated
/ 		250 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebff6ed5921d1d0428488ebf47e648c69a85f371af83fdf7888f3523af36747d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
174b79aa7d83c408048ee79cf36d8b7457b8ca9b6e2e4c7d6c3d67301697d435

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Montserrat-SemiBold.236f6b24.woff2
s3.forcloudcdn.com/assets/fd-shared/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/fonts/Montserrat-SemiBold.236f6b24.woff2
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-base-style/1.4.2/base.pc.css,libs/fd-pc-module/1.7.5/shop-header.css,libs/fd-pc-module/1.7.5/footer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7bb64d7c61c385f01fc5b9ca4dcee2c85ada201f0c8ece739d4bb6951c81ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://carrken.fordeal.com
Referer
https://s4.forcloudcdn.com/

Response headers

access-control-max-age
6000
cf-cache-status
MISS
etag
"236f6b246e345286317a121d11c2d462"
x-amz-version-id
HDSxCYf2WM4nn7pJ8gIM9aeqdde36Vpg
access-control-allow-methods
GET
expires
Thu, 27 Nov 2025 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
font/woff2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 06 Dec 2021 14:33:01 GMT
x-amz-id-2
orhhbWPXx298GZkY7JWBcfKzppXySERZBXMG1OrOToDI+ZtJM4WserwxZxru8xigTAJ4FYvGcO8=
cache-control
public, max-age=31536000
x-amz-request-id
YE90EQC285QJKPGE
cf-ray
8e91764f0f1ae517-TXL
accept-ranges
bytes
access-control-allow-origin
*
content-length
13908
server
cloudflare
1405839c-f2b8-41b3-a622-7c8fc217acc6-301x200.png
s3.forcloudcdn.com/dmc/ 		198 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/1405839c-f2b8-41b3-a622-7c8fc217acc6-301x200.png
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a74c61b630814919f8274bbf0a81941b6c5efaa1fdc328dd76c79277ff24745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"06338aafa0957ee12643cf84652cea86"
x-amz-version-id
jHdTEO20IfWbYYWz6wogSfZ_l82c4jws
cf-cache-status
HIT
age
2805346
expires
Sat, 28 Dec 2024 10:33:48 GMT
cf-polished
origFmt=png, origSize=447
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/webp
content-disposition
inline; filename="1405839c-f2b8-41b3-a622-7c8fc217acc6-301x200.webp"
vary
Accept
last-modified
Mon, 21 Oct 2019 02:56:33 GMT
x-amz-id-2
GQIKOU0G7nXco0aLbzbylPwPIAhtjQ5BXWPXkcm6kKbaizALVVKSfSqbZBWHb40PeRy9eQ78FpQ=
cache-control
public, max-age=2678400
x-amz-request-id
51EN5X1AMDRN4BXG
cf-ray
8e91764faac3e521-TXL
accept-ranges
bytes
content-length
198
server
cloudflare
1
gw.fordeal.com/gw/dwp.common.allDomain/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.common.allDomain/1?sid=8&data=&gw_ver=1&ct=1732703628556&plat=pc&appname=fordeal&sign=dd931e237f434c3fb96e0a7a320c3053&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24cdb7e1b241e437e43cc96dee22b8d76d454f96396ccba13ae36b420d59cdd8
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
content-encoding
br
cf-cache-status
DYNAMIC
gw-st
1732703628652
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
0
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.184.17327036286521158
access-control-allow-credentials
true
cf-ray
8e91764eeeed58f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
gw-code
1001
1
gw.fordeal.com/gw/dwp.horizon.config/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?sid=9&data=%7B%22key%22%3A%22FE.pixel.mobile.fordeal%22%7D&gw_ver=1&ct=1732703628561&plat=pc&appname=fordeal&sign=54562cb469fe16eaa29b31e87cd8534f&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0919bbaa56fe7b33858493210a618ba4bf368cd4e2d88ee33e9f1feabf475df
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
content-encoding
br
cf-cache-status
DYNAMIC
gw-st
1732703628658
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703628
gw-rt
0
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.507.17327036286585302
access-control-allow-credentials
true
cf-ray
8e91764eeef258f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
gw-code
1001
8499222c-bdf8-4259-8b10-b12799b26cf0.svg
s3.forcloudcdn.com/dmc/ 		633 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/8499222c-bdf8-4259-8b10-b12799b26cf0.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd104039a74f86c60c1561a3eef0c7e595ae574450fe83db4fa4be97a9cd462

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
971D8sjg89f_ZLYqAngwMsQNjgZKuqaI
etag
W/"621845557cfba991fca2996b6b5e4c0d"
age
536189
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
vary
Accept-Encoding
x-amz-id-2
JJ3hwdj0+ic0G6DT4kIpw44z1G+B/Ma+PUR2KS+hiE4iVt/HCTuQh4uc23lBZmG4+gFePBWe5ZSRUdTwdbYT6/c6USMVNdmBgmVhX87Tm/U=
cache-control
public, max-age=2678400
x-amz-request-id
RH66E97F3NCERY2R
cf-ray
8e91764faad6e521-TXL
server
cloudflare
7e704b84-16cb-43db-b484-952fc448f93f.svg
s3.forcloudcdn.com/dmc/ 		551 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/7e704b84-16cb-43db-b484-952fc448f93f.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb9bc31b7eed956ad901e0543fbfa21b7ff60b58eac79bfd0a54a46225c61e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
vGr1QlSBhF.jGikZKUz_2cQ_WJ6lG0Z0
etag
W/"c9a212f7a9f83ef7326daee2b887bda2"
age
2805346
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
vary
Accept-Encoding
x-amz-id-2
H3VrQKLSZ1wXlqQDKQK2CnfIG/QnhFxtVd3JR4zEbboRQUwtl2pg/YWliSD6Lak20fCts9sC4G8=
cache-control
public, max-age=2678400
x-amz-request-id
W529C4DRAA8KD0TY
cf-ray
8e91764faad4e521-TXL
server
cloudflare
d3aac5cb-8ffd-4bf3-b599-f609ce2851cc.svg
s3.forcloudcdn.com/dmc/ 		436 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/d3aac5cb-8ffd-4bf3-b599-f609ce2851cc.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57a3c075dc5d80c5626e963e748fb761599b41f3b032dea01f4c80ad516317f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
nUf2VU_vLwndmxFHows5R4gPEQG.FO3D
etag
W/"8bbd5b3308ab37cd81b8192bce2bacc0"
age
497292
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
vary
Accept-Encoding
x-amz-id-2
MdVz7f/9usOSNHQWoNZY5C8Kn2s88YvDpDi5ORGAGZUzGqiWegIzTVwP+FwPfPc3icq9+/kDSU9ogaX8VSw+Eg==
cache-control
public, max-age=2678400
x-amz-request-id
DTB2CQVN427G5X1H
cf-ray
8e91764faadde521-TXL
server
cloudflare
aa6477ef-d268-4a71-899a-a14967fd3b01.svg
s3.forcloudcdn.com/dmc/ 		605 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/aa6477ef-d268-4a71-899a-a14967fd3b01.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49fba0d26ce7f9fb0ea2cfa04ca13c34fd5bda0650f9a89af2469956f860695

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
VNw7_V7c2VHoyF8cNv691em066eJy9O9
etag
W/"baff82e41fa0cf90ab760de04589624b"
age
2763290
expires
Sat, 28 Dec 2024 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Mon, 28 Dec 2020 04:19:47 GMT
vary
Accept-Encoding
x-amz-id-2
lvPfQbqZyaJALifDyaaaqaiyrPuyWb2LXLZxKdNx/TDsQKQlEliu7GU+IuwwQJYAPHXciTRzfJ81Fd8zLxiOIg==
cache-control
public, max-age=2678400
x-amz-request-id
MBN6SCD7F6XJVM2T
cf-ray
8e91764faae0e521-TXL
server
cloudflare
7a44369a-1106-4ee7-b08c-abf5aafa6929-64x64.png
s3.forcloudcdn.com/dmc/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/7a44369a-1106-4ee7-b08c-abf5aafa6929-64x64.png
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82969cefa97e790bcd90417d3685f93defb2ef60d5b30426990ad08a74b5021

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"a5c3a421ff1b0a43ff7e53a7b67ecbe1"
x-amz-version-id
4wHZjWCs4KoAdP2nKL2EihYf6.c7c1gs
cf-cache-status
HIT
age
2763290
expires
Sat, 28 Dec 2024 10:33:48 GMT
cf-polished
origFmt=png, origSize=2016
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/webp
content-disposition
inline; filename="7a44369a-1106-4ee7-b08c-abf5aafa6929-64x64.webp"
vary
Accept
last-modified
Fri, 27 Nov 2020 04:05:55 GMT
x-amz-id-2
+bH/zhD82AwQtwMtf04y+4faomADR5+w8Dco4Jr0TS4vkWbVk0nG1T6/RVzkY/k3eBrlPVV/NwFkraPrYMGSnzOhLnom3uqf
cache-control
public, max-age=2678400
x-amz-request-id
ENJSJFYJPWM2ATRM
cf-ray
8e91764fbaece521-TXL
accept-ranges
bytes
content-length
1572
server
cloudflare
033580da-95a9-42e7-885e-f530e2df4116-64x64.png
s3.forcloudcdn.com/dmc/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/033580da-95a9-42e7-885e-f530e2df4116-64x64.png
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3dc11b0b3e1511dcb3952ce0650c9a5832db1d6390bc30c2e020e5da32868a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"fcbc20c951d0155289fa77020d682590"
x-amz-version-id
nzYRZbf3wUT2GLVFxt0jicImkh2Ly0gI
cf-cache-status
HIT
age
2765446
expires
Sat, 28 Dec 2024 10:33:48 GMT
cf-polished
origFmt=png, origSize=1848
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/webp
content-disposition
inline; filename="033580da-95a9-42e7-885e-f530e2df4116-64x64.webp"
vary
Accept
last-modified
Fri, 27 Nov 2020 04:06:32 GMT
x-amz-id-2
yk5iteZ+uDKKoAZ7Y+J+csCkQIupsOsY9laqNGvKrs4wLf6dJRWIpblG9wNALV6jYeofEBMUBpk=
cache-control
public, max-age=2678400
x-amz-request-id
51EGZ9VXFNG6NNDX
cf-ray
8e91764fbaefe521-TXL
accept-ranges
bytes
content-length
1256
server
cloudflare
fd-facebook.d6d90c45.svg
s3.forcloudcdn.com/assets/fd-shared/icons/ 		345 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-facebook.d6d90c45.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1923f0c4d1fab0d6b8b38acdb3565258aaf46e0f5d363e4f97224db3253516f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
SY3QF8PshcUx8c8WBOQ9WwMdGlQvJgJP
etag
W/"d6d90c451c331a4c4c81e92459af9d51"
age
2765446
expires
Thu, 27 Nov 2025 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Sat, 12 Sep 2020 12:47:36 GMT
vary
Accept-Encoding
x-amz-id-2
CWhrmwkfTG6deb6DalDa1hsu5dMMlTpCndhVwrXFKGlGfog1E7E0TT9PEMfcGYLmxX/yjQaR3BrclH/xpJo1hw==
cache-control
public, max-age=31536000
x-amz-request-id
P6T3AF5VETYBTB12
cf-ray
8e91764fbaf1e521-TXL
server
cloudflare
fd-instagram.9cffda69.svg
s3.forcloudcdn.com/assets/fd-shared/icons/ 		662 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-instagram.9cffda69.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc14cdfe6bcd8ec72e4351948303d530a0f2c304e8f9c726c6632c67591180c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
Moy356rWzT3zapB3yVTs8JdXymOrXri5
etag
W/"9cffda69e3b939e7b5a45ee82646447a"
age
2763290
expires
Thu, 27 Nov 2025 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Sat, 12 Sep 2020 12:47:36 GMT
vary
Accept-Encoding
x-amz-id-2
9LLkofHfOcTDLuJ6w7u4+/iwkXNjTO8X3BkKSaKViP5zqe/kILLz3JcBGV9ltGL1xptx1l90jCZPeCDn1cy4iA==
cache-control
public, max-age=31536000
x-amz-request-id
DTB30B3D2H6WV84N
cf-ray
8e91764fbaf3e521-TXL
server
cloudflare
fd-twitter.2ff47730.svg
s3.forcloudcdn.com/assets/fd-shared/icons/ 		558 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-twitter.2ff47730.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be490d3fb5c10d7c74d2f9da742d81cf8138b4e7ee5e2479974e0675335fd5e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
dMConmBMuXHnDvPbd2QrwmMqCTbPrO_J
etag
W/"2ff477306484ebaf4209800788dca7f6"
age
2794233
expires
Thu, 27 Nov 2025 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Sat, 12 Sep 2020 12:47:37 GMT
vary
Accept-Encoding
x-amz-id-2
Oc61hROesc1tVeI05B426/FPyJwP/KpT6QoZdH5383/5/4G+8pt0oSXxqQBiVqjGb4HA8YPMfHAyn1EqFjGnjg==
cache-control
public, max-age=31536000
x-amz-request-id
W8B462P44H6WDRQT
cf-ray
8e91764fbaf8e521-TXL
server
cloudflare
fd-youtube.7ac04726.svg
s3.forcloudcdn.com/assets/fd-shared/icons/ 		450 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-youtube.7ac04726.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324997cccef64b8971a628a6f793952cc55c0e98f3f83f4dcc628b2624d0aca1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
RmqbWX9DhWQDf9a8d27ORJ_yfft.cSzm
etag
W/"7ac04726c25f9f7144ec449dc5aee06d"
age
2765446
expires
Thu, 27 Nov 2025 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Sat, 12 Sep 2020 12:47:38 GMT
vary
Accept-Encoding
x-amz-id-2
TqhGrDr8NGm33PhkBgDsok5opbAyPZVkLlnYZvmOgnN2XQ0BdjLzCkyl/rwrnDf8HvSIuUDWKDlZw3TutckfcNblVApX+zl5
cache-control
public, max-age=31536000
x-amz-request-id
3WRS92AXCVEC0ACW
cf-ray
8e91764fbb00e521-TXL
server
cloudflare
fd-linkedin.158451f5.svg
s3.forcloudcdn.com/assets/fd-shared/icons/ 		430 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-linkedin.158451f5.svg
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65c0e88ae6a08250d4f9579c709dfcd52ecbb200044d14b61bf8681dd17e9c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
I.ESj.F8p9hjPVCrjAQvdvcJ6g4LJMKe
etag
W/"158451f54a5ace1511f7a5c122cfad06"
age
2763289
expires
Thu, 27 Nov 2025 10:33:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/svg+xml
last-modified
Sat, 12 Sep 2020 12:47:37 GMT
vary
Accept-Encoding
x-amz-id-2
KsVUQciYjYgFPEju176ojrt8pFlybnHk8wkSSu33FsbKor3OIk7nfTF3sAPItftV/nqu6RS5BKs=
cache-control
public, max-age=31536000
x-amz-request-id
79QFNGKKNBJYKHX2
cf-ray
8e91764fdb7ee521-TXL
server
cloudflare
089b8ec6-0385-45f3-afed-6faaa049b4bf-80x80.png
s3.forcloudcdn.com/dmc/ 		620 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/dmc/089b8ec6-0385-45f3-afed-6faaa049b4bf-80x80.png
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ce66c5950009673f70617e9fe178f48d6986bb0bc8bba06402d009362772b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"5eab8a3753b77e9da547e2b0c3f64b78"
x-amz-version-id
null
x-amz-meta-image-lambda-height
80
age
2763289
cf-cache-status
HIT
expires
Thu, 27 Nov 2025 10:33:48 GMT
cf-polished
origFmt=png, origSize=798
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/webp
content-disposition
inline; filename="089b8ec6-0385-45f3-afed-6faaa049b4bf-80x80.webp"
vary
Accept
last-modified
Thu, 14 Sep 2023 10:28:08 GMT
x-amz-meta-height
80
x-amz-meta-image-lambda-processed
true
x-amz-id-2
roFBrck4FIrYI+Sy+FtWlcihYEwAnfqYRYkGTLHpWEdd/4ynBSL6gZ1BY51pPkZ6zX8+RqJOYU8=
cache-control
public, max-age=31536000
x-amz-meta-width
80
x-amz-meta-image-lambda-width
80
x-amz-request-id
VTQ9CJ0CPWTXQ10S
accept-ranges
bytes
content-length
620
cf-ray
8e91764febe5e521-TXL
server
cloudflare
x-amz-server-side-encryption
AES256
dotMets
dot.fordeal.com/api/ 		32 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dot.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Referer
https://carrken.fordeal.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/json;charset=UTF-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
cf-ray
8e9176519b8758f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
dotMets
dot.fordeal.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dot.fordeal.com/api/dotMets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://carrken.fordeal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://carrken.fordeal.com
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e917650af6ce521-TXL
date
Wed, 27 Nov 2024 10:33:48 GMT
front-end-https
on
server
cloudflare
x-envoy-upstream-service-time
1
list.373ef984.png
s3.forcloudcdn.com/assets/fd-shared/images/empty/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/images/empty/list.373ef984.png
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d23a250fb6e55aa0d0b694112b2275fef91b34449e43f9df12e7c874aedb99c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"373ef9844acaa59893292a698a7854d2"
x-amz-version-id
ppWc95tJVQZYYsvqiUsZdM7nj4wxbXqO
cf-cache-status
HIT
age
2522109
expires
Thu, 27 Nov 2025 10:33:48 GMT
cf-polished
origFmt=png, origSize=4780
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:48 GMT
content-type
image/webp
content-disposition
inline; filename="list.webp"
vary
Accept
last-modified
Wed, 20 May 2020 04:07:44 GMT
x-amz-id-2
YSU9FWWu/l6KfxzSq+b3ZzPGy8x4ahRCj6vjC6MJ3X655rxDiFX1yYjKSpfu1sFiQ9B1Vcdl2SFhIzamBN9UcNgUOUYo+zHs
cache-control
public, max-age=31536000
x-amz-request-id
1VK95G1EGGSJGF6N
cf-ray
8e91764febcce521-TXL
accept-ranges
bytes
content-length
4060
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.6.3/url.js,libs/fd-dwp/1.10.0/dwp.js,libs/fd-dce/1.1.2/dce.js,libs/fd-f-dot/1.1.0/f-dot.js,libs/fd-trace/1.0.17/trace.js,libs/fd-promotion/1.14.4/promotion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hPmCzBg2' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hPmCzBg2' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
2+UgMyKDmJ5/HiH3xQrCV02ZpokgWAdN6BSRhmuhtHz+nDTpaeeKoIjEp0boZXou4sxYFlrx0wYRlKjehGweCQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
scevent.min.js
sc-static.net/ 		0
0
js
www.googletagmanager.com/gtag/ 		405 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.6.3/url.js,libs/fd-dwp/1.10.0/dwp.js,libs/fd-dce/1.1.2/dce.js,libs/fd-f-dot/1.1.0/f-dot.js,libs/fd-trace/1.0.17/trace.js,libs/fd-promotion/1.14.4/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e341ad40f1ce597b66f91ace0a4acae07f4b8852fbfd12d2562ba0583fa7902d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 10:33:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133239
x-xss-protection
0
server
Google Tag Manager
1
gw.fordeal.com/gw/dwp.growth-api-svr.get_user_info/ 		108 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.fordeal.com/gw/dwp.growth-api-svr.get_user_info/1?sid=10&data=&gw_ver=1&ct=1732703628966&plat=pc&appname=fordeal&sign=c2653b8b3c05079f5ecc8ebe38528dbf&web_id=web_h5_a1271d32e34e430c8e5231203debd6c7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b4dd8bf133912aaf964c89d26835ec25bb33e230c21e6e842795a0871128b8
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://carrken.fordeal.com/

Response headers

access-control-max-age
3600
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
service-rt
14
cf-cache-status
DYNAMIC
content-encoding
br
gw-st
1732703629088
access-control-allow-methods
POST, GET, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/json;charset=UTF-8
priority
u=1,i
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,web_id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
front-end-https
on
s_timestamp
1732703629
gw-rt
16
cache-control
no-cache
timing-allow-origin
https://carrken.fordeal.com
gw-trace-sampling
0
gw-trace-id
0.web_f89ae82f310a405f994e600b6086631c.357.17327036290721849
access-control-allow-credentials
true
cf-ray
8e9176518b7158f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
real-server
attribution-service-5b8454cbf9-psltk
server
cloudflare
gw-code
1001
dotRecords
dot.fordeal.com/api/v2/ 		32 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dot.fordeal.com/api/v2/dotRecords
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Referer
https://carrken.fordeal.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/json;charset=UTF-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8e9176531e2758f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
dotRecords
dot.fordeal.com/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dot.fordeal.com/api/v2/dotRecords
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://carrken.fordeal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://carrken.fordeal.com
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e9176521dbfe521-TXL
date
Wed, 27 Nov 2024 10:33:49 GMT
front-end-https
on
server
cloudflare
x-envoy-upstream-service-time
1
dotMets
dot.fordeal.com/api/ 		32 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dot.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Referer
https://carrken.fordeal.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/json;charset=UTF-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8e917655da7458f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
1232841863581518
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1232841863581518?v=2.9.176&r=stable&domain=carrken.fordeal.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
096158eb4e0777dcf9c127a13077f48ec74521eb3ffb40fe01fed27844e0b7e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-kVGhP5Ys' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-kVGhP5Ys' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=73, mss=1232, tbw=70335, tp=66, tpl=0, uplat=148, ullat=0
pragma
public
x-fb-debug
vPVcdc6Jx1u5atlSWcD8jzXCkl66nlCwbGKn1If7GpP0FEq9ZG4/toRY2GoMkN8dzgMS8BGebLqCu7ztvSil/g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
0555ed94-678a-4da7-927d-1ee0ff0cb449
https://carrken.fordeal.com/ Frame 		0
0
js
www.googletagmanager.com/gtag/ 		291 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10952690751&l=dataLayer&cx=c&gtm=45je4bk0v887200850za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25a6c4d98c0586290417bf1990ff07667e31327632b292fb46f750d2c122a65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 27 Nov 2024 10:33:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:33:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101760
x-xss-protection
0
server
Google Tag Manager
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EHRJ3G5MJS&gtm=45je4bk0v887200850za200&_p=1732703628967&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2039934559.1732703630&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732703630&sct=1&seg=0&dl=https%3A%2F%2Fcarrken.fordeal.com%2Fde-DE%2F&dt=CarrKen&uid=web_f89ae82f310a405f994e600b6086631c&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=3577
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://carrken.fordeal.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:33:53 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EHRJ3G5MJS&cid=2039934559.1732703630&gtm=45je4bk0v887200850za200&aip=1&uid=web_f89ae82f310a405f994e600b6086631c&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://carrken.fordeal.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:33:53 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EHRJ3G5MJS&cid=2039934559.1732703630&gtm=45je4bk0v887200850za200&aip=1&uid=web_f89ae82f310a405f994e600b6086631c&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=209962672
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 27 Nov 2024 10:33:50 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fcarrken.fordeal.com%2Fde-DE%2F&rl=&if=false&ts=1732703630303&sw=1600&sh=1200&ud[external_id]=b96eb64a55c4fa6d11b7481d3c0f8052495b3d88dcdf0ad63dde3be7bafd0826&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732703630291.170582265636051006&ler=empty&cdl=API_unavailable&it=1732703629811&coo=false&rqm=GET
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=23, mss=1232, tbw=4652, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 27 Nov 2024 10:33:50 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fcarrken.fordeal.com%2Fde-DE%2F&rl=&if=false&ts=1732703630303&sw=1600&sh=1200&ud[external_id]=b96eb64a55c4fa6d11b7481d3c0f8052495b3d88dcdf0ad63dde3be7bafd0826&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732703630291.170582265636051006&ler=empty&cdl=API_unavailable&it=1732703629811&coo=false&rqm=FGET
Requested by
Host: carrken.fordeal.com
URL: https://carrken.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441905426266624723"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:51 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
RBkMPHWp9Ha43uK8c0hPutZFO1jZDaMZDm/0M3ZhBtr3dEGAkcdV5k/k74pqQ/r8dCLgXdTITphoTpEHsqP8eg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441905426266624723", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=70, rtx=0, c=23, mss=1232, tbw=4972, tp=15, tpl=0, uplat=164, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
5bd818fc-bca0-491a-ac02-669f4ee2ada4
https://carrken.fordeal.com/ Frame 		0
0
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fcarrken.fordeal.com%2Fde-DE%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1190988987.1732703631&auid=1561988587.1732703631&npa=1&uid=web_f89ae82f310a405f994e600b6086631c&ga_uid=G-EHRJ3G5MJS.web_f89ae82f310a405f994e600b6086631c&gtm=45be4bk0v890193990za200zb887200850&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732703630840&tfd=4200&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10952690751&l=dataLayer&cx=c&gtm=45je4bk0v887200850za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame CB4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fcarrken.fordeal.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10952690751&l=dataLayer&cx=c&gtm=45je4bk0v887200850za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Nov 2024 10:33:53 GMT
expires
Thu, 27 Nov 2025 10:33:53 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prop.json
305868e930434e6385c0fe4f10de6d77-b1c895c26dcd.cdn.forter.com/ 		2 B
627 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://305868e930434e6385c0fe4f10de6d77-b1c895c26dcd.cdn.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.81.184.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-184-157.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://carrken.fordeal.com/

Response headers

ETag
"2-627dcad0b5833"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Date
Wed, 27 Nov 2024 10:33:53 GMT
Last-Modified
Wed, 27 Nov 2024 03:36:49 GMT
Content-Type
application/json
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Timing-Allow-Origin
*
Pragma
no-cache
Connection
close
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://carrken.fordeal.com
Content-Length
2
Server
Apache
prop.json
cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/ 		20 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/prop.json?_=1732703630888
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Timing-Allow-Origin
*
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
-1
Access-Control-Allow-Origin
https://carrken.fordeal.com
Date
Wed, 27 Nov 2024 10:33:53 GMT
Content-Type
application/json
Vary
Origin
csp-reports
dot-hub-x.fordeal.com/api/ Frame E90A 		0
0
events
cdn3.forter.com/ 		0
373 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn3.forter.com/events
Requested by
Host:
URL: (program):2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-36.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=gzip+enc
Referer
https://carrken.fordeal.com/

Response headers

strict-transport-security
max-age=86400; includeSubDomains
cache-control
private, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
via
1.1 92c2f36c465b846f668f475f8669bfe2.cloudfront.net (CloudFront)
expires
-1
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
fwiWCCOQGetbjCDuV3kJawgAiRjgYJIVhD9K_qiPHtKC5h5wQyVuWA==
date
Wed, 27 Nov 2024 10:33:53 GMT
x-amz-cf-pop
MUC50-P6
vary
Origin
access-control-allow-origin
*
favicon-32x32.e8e99d8c.png
s3.forcloudcdn.com/assets/fd-shared/fordeal/ 		176 B
637 B 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/fordeal/favicon-32x32.e8e99d8c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae4f0e529fd049ee6c6211d0993b2abb8770feb295069037e6833926b9d2f3ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e8e99d8cec7157963e4717c8480e8516"
x-amz-version-id
fZLW8zznbDPEK6n4KuLXztURhKLDIk.W
cf-cache-status
HIT
age
337626
expires
Thu, 27 Nov 2025 10:33:53 GMT
cf-polished
origFmt=png, origSize=268
alt-svc
h3=":443"; ma=86400
date
Wed, 27 Nov 2024 10:33:53 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-32x32.webp"
vary
Accept
last-modified
Sat, 12 Sep 2020 11:38:26 GMT
x-amz-id-2
hhFZLDkrz+QAmUC95DRH/8lZWhmUuegQXljjqD6Dw36yuf72Y4GyuNurey/ffBoB1yAbodZvs7PCBfIrC2G6AEpjholO46ULsKS7t8MTsOY=
cache-control
public, max-age=31536000
x-amz-request-id
RHQ7RP53WJ6ZM3V3
cf-ray
8e91766e4a9ce521-TXL
accept-ranges
bytes
content-length
176
server
cloudflare
prop.json
cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/ 		20 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/prop.json?_=1732703633925
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Timing-Allow-Origin
*
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
-1
Access-Control-Allow-Origin
https://carrken.fordeal.com
Date
Wed, 27 Nov 2024 10:33:53 GMT
Content-Type
application/json
Vary
Origin
prop.json
cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/ 		20 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/prop.json?_=1732703634217
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache
Timing-Allow-Origin
*
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
-1
Access-Control-Allow-Origin
https://carrken.fordeal.com
Date
Wed, 27 Nov 2024 10:33:54 GMT
Content-Type
application/json
Vary
Origin
dotMets
dot.fordeal.com/api/ 		32 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dot.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.7.16/vue.runtime.min.js,libs/vuex/3.6.2/vuex.min.js,libs/axios/0.27.2/axios.min.js,libs/js-cookie/3.0.1/js.cookie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Referer
https://carrken.fordeal.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

access-control-max-age
86400
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 27 Nov 2024 10:33:54 GMT
content-type
application/json;charset=UTF-8
vary
accept-encoding
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
cf-ray
8e9176735f9158f6-TXL
access-control-allow-origin
https://carrken.fordeal.com
server
cloudflare
wpt.json
cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/ 		20 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/wpt.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://carrken.fordeal.com/

Response headers

Cache-Control
private, no-cache, no-store
Timing-Allow-Origin
*
Pragma
no-cache
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
-1
Access-Control-Allow-Origin
https://carrken.fordeal.com
Content-Length
20
Keep-Alive
timeout=10
Date
Wed, 27 Nov 2024 10:33:54 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
wpt.json
cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn0.forter.com/b1c895c26dcd/305868e930434e6385c0fe4f10de6d77/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-202-163.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://carrken.fordeal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Wed, 27 Nov 2024 10:33:54 GMT
Keep-Alive
timeout=10
Vary
Access-Control-Request-Headers
logo_small.gif
df45ay5pw60dy.cloudfront.net/ 		48 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df45ay5pw60dy.cloudfront.net/logo_small.gif?dfpadname=&check=1732703634623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2600:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
FunctionGeneratedResponse from cloudfront
content-length
48
x-amz-cf-id
4jQzSgavpKhFy6u4ReFIXdrRhpJnfW-Cflytmt9VIqL83ddUxgBf3g==
date
Wed, 27 Nov 2024 10:33:54 GMT
content-type
image/gif
x-amz-cf-pop
FRA2-C2
server
CloudFront
logo_medium.gif
df45ay5pw60dy.cloudfront.net/ 		48 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df45ay5pw60dy.cloudfront.net/logo_medium.gif?check=1732703634623&refererPageDetail=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2600:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
FunctionGeneratedResponse from cloudfront
content-length
48
x-amz-cf-id
6rGNgeEKOEsQwrtnDsds2bgqAYagmawSiz9CHB94QeuMAi8cDYCbEg==
date
Wed, 27 Nov 2024 10:33:54 GMT
content-type
image/gif
x-amz-cf-pop
FRA2-C2
server
CloudFront
logo_large.gif
df45ay5pw60dy.cloudfront.net/ 		48 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df45ay5pw60dy.cloudfront.net/logo_large.gif?1732703634623&-linkd-32.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2600:10:f40e:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
FunctionGeneratedResponse from cloudfront
content-length
48
x-amz-cf-id
H9Vpg4DHjfQiUybi08a3gTPenCHlOITlXESEU8aDHMFUVJuGh3MSwA==
date
Wed, 27 Nov 2024 10:33:54 GMT
content-type
image/gif
x-amz-cf-pop
FRA2-C2
server
CloudFront
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EHRJ3G5MJS&gtm=45je4bk0v887200850za200&_p=1732703628967&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2039934559.1732703630&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732703630&sct=1&seg=0&dl=https%3A%2F%2Fcarrken.fordeal.com%2Fde-DE%2F&dt=CarrKen&uid=web_f89ae82f310a405f994e600b6086631c&en=scroll&epn.percent_scrolled=90&_et=97&tfd=8681
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://carrken.fordeal.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://carrken.fordeal.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 10:33:55 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sc-static.net
URL
https://sc-static.net/scevent.min.js
Domain
carrken.fordeal.com
URL
blob:https://carrken.fordeal.com/0555ed94-678a-4da7-927d-1ee0ff0cb449
Domain
carrken.fordeal.com
URL
blob:https://carrken.fordeal.com/5bd818fc-bca0-491a-ac02-669f4ee2ada4
Domain
dot-hub-x.fordeal.com
URL
https://dot-hub-x.fordeal.com/api/csp-reports?who=client_customer&app=fordeal

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| F_DATA function| FTQ string| F_PLAT object| F_CONFIG function| Vue object| Vuex function| axios object| Cookies object| F function| EventEmitter object| Popper number| ftr__startScriptLoad function| fbq function| _fbq function| snaptr object| dataLayer function| gtag function| x5EE function| R5VV function| R3aa function| p0UU object| ftr__ext object| ftr__bufferW function| ftr__ object| ftr__scriptLoadOptions object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ftr__JSON3

13 Cookies

Domain/Path Name / Value
.fordeal.com/ Name: lan
Value: de
.fordeal.com/ Name: region
Value: DE
.fordeal.com/ Name: gw-did
Value: web_f89ae82f310a405f994e600b6086631c
.fordeal.com/ Name: cur
Value: EUR
.fordeal.com/ Name: system
Value: pc
.fordeal.com/ Name: has_uuid
Value: true
.fordeal.com/ Name: timezone
Value: +3
.fordeal.com/ Name: uuid
Value: web_h5_a1271d32e34e430c8e5231203debd6c7
.fordeal.com/ Name: _ga
Value: GA1.1.2039934559.1732703630
.fordeal.com/ Name: _fbp
Value: fb.1.1732703630291.170582265636051006
.fordeal.com/ Name: _ga_EHRJ3G5MJS
Value: GS1.1.1732703630.1.0.1732703630.60.0.0
.fordeal.com/ Name: _gcl_au
Value: 1.1.1561988587.1732703631
.fordeal.com/ Name: forterToken
Value: 305868e930434e6385c0fe4f10de6d77_1732703628399__UDF43-m4_13ck_

5 Console Messages

Source Level URL
Text
rendering warning URL: https://carrken.fordeal.com/de-DE/(Line 45)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A08F0CE42F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security error URL: https://www.googletagmanager.com/
Message:
[Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' bid.g.doubleclick.net bytedance: fordeal: sslocal: tr.snapchat.com tr6.snapchat.com www.facebook.com www.youtube.com".
javascript error URL: https://carrken.fordeal.com/de-DE/
Message:
Access to script at 'https://sc-static.net/scevent.min.js' from origin 'https://carrken.fordeal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://sc-static.net/scevent.min.js
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://www.googletagmanager.com/
Message:
[Report Only] Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' bid.g.doubleclick.net bytedance: fordeal: sslocal: tr.snapchat.com tr6.snapchat.com www.facebook.com www.youtube.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

305868e930434e6385c0fe4f10de6d77-b1c895c26dcd.cdn.forter.com
b1c895c26dcd.cdn4.forter.com
carrken.fordeal.com
cdn0.forter.com
cdn3.forter.com
connect.facebook.net
df45ay5pw60dy.cloudfront.net
dot-hub-x.fordeal.com
dot.fordeal.com
gw.fordeal.com
region1.analytics.google.com
s3.forcloudcdn.com
s4.forcloudcdn.com
sc-static.net
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
carrken.fordeal.com
dot-hub-x.fordeal.com
sc-static.net
104.18.20.145
104.18.24.201
104.18.25.201
142.250.184.227
142.250.185.100
157.240.253.1
157.240.253.35
2001:4860:4802:32::36
2600:9000:21f3:2600:10:f40e:dd80:21
2600:9000:2644:2a00:f:1b37:e600:93a1
2a00:1450:4001:810::2008
2a00:1450:400c:c09::9c
52.85.65.36
54.204.202.163
54.81.184.157
096158eb4e0777dcf9c127a13077f48ec74521eb3ffb40fe01fed27844e0b7e0
0a66aa00275ce9c21012bcc686cc4016ed3f0ef6addb4b0d18dfb3489d7632b5
15349bbd9d7d527b01aedfb700750f554fe4da177e30334ffd55ef5f56a039a6
1600bf16a821098b0cfb481fc0e6d8440b1c0c0828623a27ceb8b6193d1b5eb6
174b79aa7d83c408048ee79cf36d8b7457b8ca9b6e2e4c7d6c3d67301697d435
1923f0c4d1fab0d6b8b38acdb3565258aaf46e0f5d363e4f97224db3253516f9
20a848016ddc7df00d5bcac65a24a0996a2a58748f4122281ea5de050139464d
24cdb7e1b241e437e43cc96dee22b8d76d454f96396ccba13ae36b420d59cdd8
25a6c4d98c0586290417bf1990ff07667e31327632b292fb46f750d2c122a65a
2911a5e982571e42dd8a5c8c97b643b0d9a8ac30a1cfc9bd407a7496e3edc9ae
2a74c61b630814919f8274bbf0a81941b6c5efaa1fdc328dd76c79277ff24745
30ce66c5950009673f70617e9fe178f48d6986bb0bc8bba06402d009362772b9
324997cccef64b8971a628a6f793952cc55c0e98f3f83f4dcc628b2624d0aca1
32b4dd8bf133912aaf964c89d26835ec25bb33e230c21e6e842795a0871128b8
35c4bcbc5bc1f20d460cd3e818a03672820d2f74a7304cfd43e52be622b3ad63
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4489d7f9b2cda79b8237370d6b366e03be68a04aa279b8a144dc42256b9d5dd2
4de82ba0f89d863e912f5f5d570ffb41a5f6d5a3d0bde976565d183df0ac271d
4e7bb64d7c61c385f01fc5b9ca4dcee2c85ada201f0c8ece739d4bb6951c81ec
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
63386a24c96f57641105dd87151d9605a639397b9b56993babd0b964a859e2dc
69a066768537ea861b3418084e6bb16e3660938019fd0abcc4adc76db16b8d43
7a9312cc43989e04f0a53308e5f34bc3c0d6f2091f8955f2f12550209cfc3442
84e4fb6b45eaab42347fcc2e5a33a2d1cdbab61b97d3a4bf7fb7dc028985017b
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9a930bf07fa4825e0d837876fb3f27ef80ddb8f018bab89906219f697b9a0d05
a4e0077300c4f8ff2e9e5faaafd442641ef6aa0d03b39e940fe74b44e3dd4e50
a57a3c075dc5d80c5626e963e748fb761599b41f3b032dea01f4c80ad516317f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd104039a74f86c60c1561a3eef0c7e595ae574450fe83db4fa4be97a9cd462
ae4f0e529fd049ee6c6211d0993b2abb8770feb295069037e6833926b9d2f3ec
b2c67d81f49c95dbeb81971a63c76e6188a65ec54f5d691375eb16f7575241ab
b3dc11b0b3e1511dcb3952ce0650c9a5832db1d6390bc30c2e020e5da32868a1
bd3e7dc9b30b0489d73abd2788339c773674400287330209df4fa5c201448066
bdc3059384f3ef4f5bad86148327e9ad20970bfb37ad12831176815a3b92ef5d
be490d3fb5c10d7c74d2f9da742d81cf8138b4e7ee5e2479974e0675335fd5e5
c0919bbaa56fe7b33858493210a618ba4bf368cd4e2d88ee33e9f1feabf475df
c0deba05fe16e6195f8922699cf650e0895a3095a33d4585773970eeb67d0f6f
c4a4d33167f969c3a15858db0e93efa46c53b69668cafad85c1f6d272aa4e5d4
c5954a368cfd7c60a6908df70c3e4fdcc929e430db409800a29ef581972a3f6c
c7d9cf4011b45d83bd42548546b10ec2ac5de837b645024a82d9b469c24986be
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618
d23a250fb6e55aa0d0b694112b2275fef91b34449e43f9df12e7c874aedb99c5
d49fba0d26ce7f9fb0ea2cfa04ca13c34fd5bda0650f9a89af2469956f860695
d82969cefa97e790bcd90417d3685f93defb2ef60d5b30426990ad08a74b5021
db1acee1ab01f9fb4934ae143c9ba5d071f9c0e6b833f6c384484d49936d5168
dc14cdfe6bcd8ec72e4351948303d530a0f2c304e8f9c726c6632c67591180c6
de098b7d278b30d7f1b00b433f8e2872c2a73c13b7bf23cc09f40e754613a431
e11c0ecf7817f5dd9a364b32a440bbcd5f5a92d6078459d60b7ce1d99a661429
e341ad40f1ce597b66f91ace0a4acae07f4b8852fbfd12d2562ba0583fa7902d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb9bc31b7eed956ad901e0543fbfa21b7ff60b58eac79bfd0a54a46225c61e2
ebff6ed5921d1d0428488ebf47e648c69a85f371af83fdf7888f3523af36747d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65c0e88ae6a08250d4f9579c709dfcd52ecbb200044d14b61bf8681dd17e9c5