Submitted URL: https://f0r.co/2BxIT7
Effective URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Submission: On November 13 via manual from LB — Scanned from DE

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 58 HTTP transactions. The main IP is 2606:4700::6812:1591, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.fordeal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2023. Valid for: a year.
This is the only time m.fordeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 fordeal.com
m.fordeal.com
gw.fordeal.com
dot-hub-x.fordeal.com
dot.fordeal.com
client-metrics.fordeal.com
7 KB
10 forcloudcdn.com
s3.forcloudcdn.com — Cisco Umbrella Rank: 424208
s4.forcloudcdn.com — Cisco Umbrella Rank: 567538
569 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 874
1016 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
411 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6862
689 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
2 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
872 B
4 branch.io
cdn.branch.io — Cisco Umbrella Rank: 1117
api2.branch.io — Cisco Umbrella Rank: 738
24 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
158 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
248 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 app.link
app.link — Cisco Umbrella Rank: 2540
641 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1161
17 KB
1 f0r.co
f0r.co
2 KB
58 14
Domain Requested by
6 s4.forcloudcdn.com m.fordeal.com
5 tr.snapchat.com sc-static.net
5 www.googletagmanager.com s4.forcloudcdn.com
www.googletagmanager.com
4 www.google.de
4 connect.facebook.net s4.forcloudcdn.com
connect.facebook.net
4 gw.fordeal.com s4.forcloudcdn.com
4 s3.forcloudcdn.com f0r.co
m.fordeal.com
3 www.facebook.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 api2.branch.io cdn.branch.io
2 client-metrics.fordeal.com s4.forcloudcdn.com
2 www.google.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dot-hub-x.fordeal.com s4.forcloudcdn.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 app.link cdn.branch.io
1 cdn.branch.io s4.forcloudcdn.com
1 sc-static.net s4.forcloudcdn.com
1 dot.fordeal.com s4.forcloudcdn.com
1 m.fordeal.com
1 f0r.co
58 22

This site contains no links.

Subject Issuer Validity Valid
f0r.co
GTS CA 1P5
2023-09-19 -
2023-12-18
3 months crt.sh
forcloudcdn.com
Cloudflare Inc ECC CA-3
2023-05-06 -
2024-05-05
a year crt.sh
fordeal.com
Cloudflare Inc ECC CA-3
2023-05-11 -
2024-05-10
a year crt.sh
sc-static.net
Amazon RSA 2048 M02
2023-01-20 -
2024-02-18
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-08-22 -
2023-11-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.branch.io
Amazon RSA 2048 M01
2023-09-11 -
2024-10-09
a year crt.sh
appipv4.link
Amazon RSA 2048 M02
2023-04-25 -
2024-05-23
a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.google.de
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.google.de
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh

This page contains 3 frames:

Primary Page: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Frame ID: 8B87A4F14EA7B8773C2308558C93197A
Requests: 57 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=594717e0-8d76-4661-ba73-cab202295bb0&u_scsid=d3a830b5-d249-4481-9bd5-01ab7fd9d3a8&u_sclid=7fd57f99-97ec-4bde-a8f0-a846ab393a4c
Frame ID: 6269BF127C189106905E2C595DF3BB54
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=ec43f182-e218-4b02-9ea4-83862ed5207d&u_scsid=d3a830b5-d249-4481-9bd5-01ab7fd9d3a8&u_sclid=7fd57f99-97ec-4bde-a8f0-a846ab393a4c
Frame ID: 58171E1EAE0FD10B3C2C79EA299FAAAF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Zufriedenheitsumfrage

Page URL History Show full URLs

  1. https://f0r.co/2BxIT7 Page URL
  2. https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

58
Requests

100 %
HTTPS

83 %
IPv6

14
Domains

22
Subdomains

19
IPs

3
Countries

1214 kB
Transfer

2818 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://f0r.co/2BxIT7 Page URL
  2. https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2BxIT7
f0r.co/
5 KB
2 KB
Document
General
Full URL
https://f0r.co/2BxIT7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25f0542788d6d9b325f1e8b8779f0a8f534e5afeb9c62e98b037f11600832155

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8257e193fa921e4c-FRA
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Mon, 13 Nov 2023 14:59:53 GMT
refresh
2;url=https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
server
cloudflare
x-envoy-upstream-service-time
6
37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif
s3.forcloudcdn.com/dmc/
22 KB
22 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/37c4f9a3-3694-4eed-aa6f-b33f9d03b9f5-202x202.gif
Requested by
Host: f0r.co
URL: https://f0r.co/2BxIT7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7911198e506f7732a969760d7f60de672d460ebf703d560d1aa620087c7c0a59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0r.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:53 GMT
x-amz-version-id
FtEke91YknnGoXGULXLtEtsHvwDQOhhv
cf-cache-status
HIT
x-amz-request-id
KBVX6X8RJ3F5WV98
age
133034
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
22117
x-amz-id-2
i3DmUIQZ5WzVd3DTfLmCCI6r0QZUCT4lZY03FR0Ucq8yQc1Po1ai2mTWYb8EmwUy+UJw3jJvLPA=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 06 Dec 2019 07:52:56 GMT
server
cloudflare
etag
"62dd0f63cae4843fc18ab7564786bc64"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8257e194dd7f1e49-FRA
expires
Tue, 21 Nov 2023 14:59:53 GMT
Primary Request v2.html
m.fordeal.com/satisfaction-survey/
3 KB
2 KB
Document
General
Full URL
https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f552aa4d37c2bbd90a74f5c751570b460de21ff0687e855c02960efec48f89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://f0r.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8257e1a1eec11947-FRA
content-encoding
br
content-type
text/html
date
Mon, 13 Nov 2023 14:59:55 GMT
etag
W/"c050dc1a4fd42a6d32b02b52164771b8"
last-modified
Mon, 09 Jan 2023 03:59:34 GMT
link
<https://www.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D>; rel="canonical"
referrer-policy
origin,strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000
x-amz-id-2
Ayv2tmnGW8Jj8K2Ph6uKuen1mfxYgZvRvp8hFxGWqy9IZc76bFCj9ENVQMLEpstGIjtrH6fBY+g=
x-amz-meta-v
1.2.6
x-amz-request-id
6TKAM19MGS9PFFEE
x-amz-version-id
yNF2YWgPs9HLy_B51ru0.053zwTEpyGx
x-content-type-options
nosniff
base.css
s3.forcloudcdn.com/libs/fd-base-style/1.3.2/
22 KB
13 KB
Stylesheet
General
Full URL
https://s3.forcloudcdn.com/libs/fd-base-style/1.3.2/base.css
Requested by
Host: m.fordeal.com
URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ad80723bb2613b76f1702241974f1f6d8f514d0d14d47c1003159661f0fb27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:55 GMT
x-amz-version-id
IiV3wcKoQAE2HYPVIUnVv_vVXtzFYSXO
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
9M86T3Q29ED39R4K
age
1154215
cf-polished
origSize=22787
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Q12subnkCNJOb0vbkfRKQ++W451ERA2zYKJ3NNj93GQ+w13qE3BNEQOB1FP3OnJO+M5tVG98aSw=
cf-bgj
minify
last-modified
Sat, 06 Jun 2020 08:35:02 GMT
server
cloudflare
etag
W/"19923a0f4df40cddc19df0f620230a09"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8257e1a2b8801e49-FRA
expires
Tue, 12 Nov 2024 14:59:55 GMT
v2.css
s4.forcloudcdn.com/assets/fd-satisfaction-survey/1.2.6/
31 KB
10 KB
Stylesheet
General
Full URL
https://s4.forcloudcdn.com/assets/fd-satisfaction-survey/1.2.6/v2.css
Requested by
Host: m.fordeal.com
URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfddbbf18a8591aaf0365688991928cbdaaffc72a33efd86bc18dad28872e017

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
XDQ10F88BJX55FJP
cf-polished
origSize=32182
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
aBDHabs5bcGrIKAomfalQAMUvl2+Dj7zhZLMWiJvdSC7xnJCOW2kMqayce/PTlvL38m4yf1qEWA=
cf-bgj
minify
last-modified
Mon, 09 Jan 2023 03:59:11 GMT
server
cloudflare
etag
W/"616ad13ca7057ec4e3cea21709ee1224"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8257e1a2e8b11e49-FRA
expires
Tue, 12 Nov 2024 14:59:55 GMT
js.cookie.js
s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/
90 KB
32 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Requested by
Host: m.fordeal.com
URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56a2032f34a9bb8c84f8bf3623c428d4914e9be4b718bbd9d554936dadacf65

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 May 2020 09:17:47 GMT
server
cloudflare
etag
W/"1690f-/CdX3X8PoeW9zGmHP0jxNr5ixzs"
x-cache-status
MISS
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
web
aws-ir1-front-cdnsrc-prod-026130
cf-ray
8257e1a2ff982bb9-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Nov 2024 14:59:56 GMT
base.js
s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.4.2/f.js,libs/fd-image/1.4.1/image.js,libs/fd-base/1.4.1/
46 KB
17 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.0.1/polyfill.js,libs/fd-f/3.4.2/f.js,libs/fd-image/1.4.1/image.js,libs/fd-base/1.4.1/base.js
Requested by
Host: m.fordeal.com
URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
230c35e4afce11b336d7ed4f4a3ba09d3ae366b83326ff567d9c759738697e04

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
HIT
age
349584
x-cache-status
HIT
web
aws-ir1-front-cdnsrc-prod-017224
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 23 Jan 2021 05:57:21 GMT
server
cloudflare
etag
W/"b9be-uWshUGDIeez/2ffhP5r41MosgRM"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8257e1a2ff902bb9-FRA
expires
Tue, 12 Nov 2024 14:59:56 GMT
promotion.js
s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd...
126 KB
35 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd-tracker/2.4.2/tracker.js,libs/fd-promotion/1.6.0/promotion.js
Requested by
Host: m.fordeal.com
URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e27da726c8e2d4c9cbfa97c925e2d29f297496752c3b2abeffe8578d7e0512e4

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Apr 2021 13:38:36 GMT
server
cloudflare
etag
W/"1f77e-gTHLeBd3lzcuY4BJg5j5oN18Vyw"
x-cache-status
MISS
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
web
aws-ir1-front-cdnsrc-prod-016055
cf-ray
8257e1a2ff9a2bb9-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Nov 2024 14:59:56 GMT
v2.js
s4.forcloudcdn.com/assets/fd-satisfaction-survey/1.2.6/
91 KB
31 KB
Script
General
Full URL
https://s4.forcloudcdn.com/assets/fd-satisfaction-survey/1.2.6/v2.js
Requested by
Host: m.fordeal.com
URL: https://m.fordeal.com/satisfaction-survey/v2.html?is_direct_short_url=1&commentId=BZ73xs3OafL2bFKni8EfQA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a84617ff06c3bedb0e635485fa8c56515611108f89e5cdfdcf9378b1030625c

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
642SM8A3XD4KFWX5
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Hqh8ouUhQITRmvdMV7v1mUAB3yr/fcSvplaNeX/Vz2hpX608LuEs8Jg1VkGeWIpasfXhmLrC5gs=
last-modified
Mon, 09 Jan 2023 03:59:12 GMT
server
cloudflare
etag
W/"7cf2da52574743105b0b0d9dd0c0acd8"
access-control-max-age
6000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8257e1a2ff942bb9-FRA
expires
Tue, 12 Nov 2024 14:59:56 GMT
1
gw.fordeal.com/gw/dwp.horizon.clientHttpRate/
100 B
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.horizon.clientHttpRate/1?data=&gw_ver=1&plat=h5&ct=1699887596140&appname=fordeal&sign=6fb165dbcc9204208d3b91b325cbdb21
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c3630d9eec5ac03aca008009344d63f3c99a40ade7641b0a268d749aad154f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

gw-trace-sampling
0
date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
gw-code
1001
alt-svc
h3=":443"; ma=86400
s_timestamp
1699887596
server
cloudflare
front-end-https
on
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://m.fordeal.com
gw-rt
0
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
cache-control
no-cache
access-control-allow-credentials
true
access-control-max-age
3600
gw-st
1699887596234
timing-allow-origin
https://m.fordeal.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
gw-trace-id
0.web_93b4a41c01874a2dbc4118f7f2a690ff.377.16998875962342571
cf-ray
8257e1a429901947-FRA
2
gw.fordeal.com/gw/dwp.cscrm.commentInfo/
2 KB
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cscrm.commentInfo/2?data=%7B%22commentId%22%3A%22BZ73xs3OafL2bFKni8EfQA%3D%3D%22%7D&gw_ver=1&plat=h5&ct=1699887596168&appname=fordeal&sign=eb5f546a110afeefabc67c2095781d54
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20ed123ef001217954e0b5fe225145e026811ca5b6afcb7e8ccf53f8144e252
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

gw-trace-sampling
0
date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
service-rt
47
gw-code
1001
alt-svc
h3=":443"; ma=86400
s_timestamp
1699887596
server
cloudflare
front-end-https
on
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://m.fordeal.com
gw-rt
54
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
cache-control
no-cache
access-control-allow-credentials
true
real-server
cscrm-7db598596-cz9rc
access-control-max-age
3600
gw-st
1699887596287
timing-allow-origin
https://m.fordeal.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
gw-trace-id
0.web_93b4a41c01874a2dbc4118f7f2a690ff.411.16998875962331101
cf-ray
8257e1a429911947-FRA
dotRecords
dot-hub-x.fordeal.com/api/v2/ Frame
0
0
Preflight
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.fordeal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://m.fordeal.com
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8257e1a46e4265b6-FRA
date
Mon, 13 Nov 2023 14:59:56 GMT
front-end-https
on
server
cloudflare
x-envoy-upstream-service-time
0
dotRecords
dot-hub-x.fordeal.com/api/v2/
32 B
365 B
XHR
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
accept-encoding
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://m.fordeal.com
content-type
application/json;charset=UTF-8
front-end-https
on
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cf-ray
8257e1a4ce8b30c0-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
alt-svc
h3=":443"; ma=86400
dotRecord
dot.fordeal.com/api/
32 B
244 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotRecord
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
accept-encoding
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://m.fordeal.com
content-type
application/json;charset=UTF-8
front-end-https
on
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
cf-ray
8257e1a54ae51947-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
alt-svc
h3=":443"; ma=86400
1
gw.fordeal.com/gw/dwp.horizon.config/
2 KB
892 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?data=%7B%22key%22%3A%22FE.pixel.mobile.fordeal%22%7D&gw_ver=1&plat=h5&ct=1699887596197&appname=fordeal&sign=7f4ef24a24e494e107fb466feec9de00
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0919bbaa56fe7b33858493210a618ba4bf368cd4e2d88ee33e9f1feabf475df
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

gw-trace-sampling
0
date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
gw-code
1001
alt-svc
h3=":443"; ma=86400
s_timestamp
1699887596
server
cloudflare
front-end-https
on
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://m.fordeal.com
gw-rt
0
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
cache-control
no-cache
access-control-allow-credentials
true
access-control-max-age
3600
gw-st
1699887596252
timing-allow-origin
https://m.fordeal.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
gw-trace-id
0.web_93b4a41c01874a2dbc4118f7f2a690ff.266.16998875962527626
cf-ray
8257e1a449bf1947-FRA
scevent.min.js
sc-static.net/
39 KB
17 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd-tracker/2.4.2/tracker.js,libs/fd-promotion/1.6.0/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
2ebb7f407c8ed2e838bfc31cca2b64503889bf691cd5d65b1764e5325de87001

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
gzip
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16939
x-amz-cf-id
KL1IKH3meKLK6izIs6p1RqVagILZX6KIrp1Y5Sg0RKURfIgcPFrw7g==
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd-tracker/2.4.2/tracker.js,libs/fd-promotion/1.6.0/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kw8UIbHIo8XhC46mhybxGiHugOCQDE3UcCH+w8VVZUaGJAgbTHZHQsGhc+o8gdQSy0dvGfzj5kwbg9+N/HQ0mw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-94012617-8
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd-tracker/2.4.2/tracker.js,libs/fd-promotion/1.6.0/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
017ca8fac7d26a2b31e5fef9f85003a9b10167e7a2c4e3cbe24f0e9092650743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://m.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68890
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 14:59:56 GMT
js
www.googletagmanager.com/gtag/
272 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd-tracker/2.4.2/tracker.js,libs/fd-promotion/1.6.0/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3624c811fb4652a1b627ff418261de864b31f124bbc589d5ce322c5754d9f2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://m.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92236
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 14:59:56 GMT
branch-latest.min.js
cdn.branch.io/
71 KB
22 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.4.1/url.js,libs/fd-dwp/1.8.2/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-native-app/1.2.9/native.js,libs/fd-f-dot/0.0.5/fDot.js,libs/fd-logger/1.8.3/logger.js,libs/fd-tracker/2.4.2/tracker.js,libs/fd-promotion/1.6.0/promotion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-87.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b3106a5a411804e9ee3be2158fb491408aa4dc923e03a0c74376f30bc323333

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
UkfElG6yIzo.BOEWL6zP4sMZe23_jxRr
content-encoding
gzip
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
date
Mon, 13 Nov 2023 14:58:41 GMT
x-amz-cf-pop
FRA56-P7
age
76
x-cache
Hit from cloudfront
content-length
22162
last-modified
Thu, 14 Sep 2023 19:53:04 GMT
server
AmazonS3
etag
"17a75c4dd4a7b15a4695cb6822521c62"
vary
Origin
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=300
x-amz-cf-id
hXP4ipcsrZJAC4g8zqwCsyhaoz1Y-12egzaZkw3EEOweICMGTxZy5A==
1
gw.fordeal.com/gw/dwp.customerCenter.get_phone/
87 B
804 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.customerCenter.get_phone/1?data=&gw_ver=1&plat=h5&ct=1699887596289&appname=fordeal&sign=d8e5441dfa8449fd991825211b20e338
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06462b9cde8acdb46d6ad810b2cca2aff934fcf1749f2569f342ce3e0a95d063
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

gw-trace-sampling
0
date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
service-rt
2
gw-code
1001
alt-svc
h3=":443"; ma=86400
s_timestamp
1699887596
server
cloudflare
front-end-https
on
x-frame-options
ALLOW-FROM https://www.snapchat.com
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://m.fordeal.com
gw-rt
4
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id,gw-trace-sampling
cache-control
no-cache
access-control-allow-credentials
true
real-server
customer-center-58bb66877d-kdzbn
access-control-max-age
3600
gw-st
1699887596369
timing-allow-origin
https://m.fordeal.com
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict,x-session-id,x-fragment-id,x-locale-lan,x-client-id
gw-trace-id
0.web_93b4a41c01874a2dbc4118f7f2a690ff.14266.16998875963659420
cf-ray
8257e1a4fec630c0-FRA
truncated
/
701 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
901f8e94f5b05002f3ac224e1464480772c8ffabadcdd40ee2238284976b46ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
344 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f39d036606f6c5215dc4645a5d8561deb11bcd25046446cdccb06387554e9206

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
298 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b44163cb03740958fbf8b38b70317a2ec56567515513f86d37baca0dccd04a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
681f70b5-3381-4bb7-a8f9-e74ff24cd37c-1216x1621.png_min.jpg
s3.forcloudcdn.com/item/images/dmc/
322 KB
323 KB
Image
General
Full URL
https://s3.forcloudcdn.com/item/images/dmc/681f70b5-3381-4bb7-a8f9-e74ff24cd37c-1216x1621.png_min.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58df573598fdf8e8ce3a5b565d79b66ea1a08782562257e20ee9e11866d5e979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
NE2P1C7RBXKP01RJ
cf-polished
origSize=343232, status=webp_bigger
x-amz-server-side-encryption
AES256
x-amz-meta-width
1216
x-amz-meta-image-lambda-height
1621
x-amz-meta-height
1621
alt-svc
h3=":443"; ma=86400
content-length
329981
x-amz-id-2
bFQGT21ZrwzFioW3u1JtcIccwwYiXRu4fqUSbD9BdxvqHGY5EDmQD/lMA3OQ4WCaWcmy8LNahpM=
x-amz-meta-image-lambda-width
1216
cf-bgj
imgq:85,h2pri
last-modified
Wed, 26 Jul 2023 06:42:10 GMT
server
cloudflare
etag
"0ccda22281ef6d0d89acd17b7922f240"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-meta-image-lambda-processed
true
accept-ranges
bytes
cf-ray
8257e1a58df7901e-FRA
expires
Tue, 12 Nov 2024 14:59:56 GMT
f06d997e-fdc3-47c0-be3c-22d28315bc9b-1500x1356.png
s3.forcloudcdn.com/dmc/
82 KB
83 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/f06d997e-fdc3-47c0-be3c-22d28315bc9b-1500x1356.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dedca42996725150c550f14175c7a71f7f6b0260c2f2e36bcddc3de177af0b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
x-amz-version-id
null
cf-cache-status
HIT
x-amz-request-id
XX56NYAR5992TFT0
age
440761
cf-polished
origFmt=png, origSize=104038
x-amz-meta-width
1500
content-disposition
inline; filename="f06d997e-fdc3-47c0-be3c-22d28315bc9b-1500x1356.webp"
x-amz-meta-height
1356
x-amz-meta-image-lambda-height
1356
alt-svc
h3=":443"; ma=86400
content-length
84446
x-amz-id-2
r0LHO2R3NUFBJkGaPBO/MSUiojoJdO1sQC89onx9u9ib42llK+02kUWJNVDS8ZxcWYulyo76JjE=
x-amz-meta-image-lambda-width
1500
cf-bgj
imgq:100,h2pri
last-modified
Thu, 01 Sep 2022 06:44:13 GMT
server
cloudflare
etag
"e218bf34720d29943f562eca7e3327d6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
x-amz-meta-image-lambda-processed
true
accept-ranges
bytes
cf-ray
8257e1a58df8901e-FRA
expires
Tue, 12 Nov 2024 14:59:56 GMT
a1d417ce-8df7-4517-be7c-c40d04100c18-396x112.png_0.png
s4.forcloudcdn.com/dmc/
3 KB
4 KB
Image
General
Full URL
https://s4.forcloudcdn.com/dmc/a1d417ce-8df7-4517-be7c-c40d04100c18-396x112.png_0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3239ae1e06b5eb908f58bb7b4f1815e43653da9bead6bd57e46a5a366696f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sat, 11 Nov 2023 09:02:13 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=4245
x-cache-status
MISS
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
content-disposition
inline; filename="a1d417ce-8df7-4517-be7c-c40d04100c18-396x112.webp"
web
aws-ir1-front-cdnsrc-prod-017224
cf-ray
8257e1a58dfd901e-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Nov 2024 14:59:56 GMT
_r
app.link/
91 B
641 B
Script
General
Full URL
https://app.link/_r?sdk=web2.80.0&branch_key=key_live_pgNaS6ti52mXzBeOV4FlAkfhEBfccw5b&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
09be4a7ea3ca9479a330a767a0da1e0880f3d242888dae2b57ce0219db032121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
server
openresty
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop
FRA56-C1
etag
W/"5b-4jv7YmItZ6y7Jfl1/gNAfrHNFKw"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
sN2QG4kL4SHQtpgo7LQwi_W5X88akkvGmFQhgfIIjIw1lEe6HrpUTg==
171574500264944
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/171574500264944?v=2.9.138&r=stable&domain=m.fordeal.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6228a898db92f00f943c27f3e5d08b913aab523a0e35c88dc130affcb2faae64
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
YDpBc6jCXv8xlbFUpFP2j4IB3A4j/+akiMrjih3oNnDkoqr8ywfuPQmzNJFFi74OfWFz2cSNxrvSsydPzGc6IA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
594717e0-8d76-4661-ba73-cab202295bb0.js
tr.snapchat.com/config/com/
168 B
232 B
Script
General
Full URL
https://tr.snapchat.com/config/com/594717e0-8d76-4661-ba73-cab202295bb0.js?v=3.4.18-2311130917
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
732bf45c83a927d32b26761b9ac7c0fdef65ad288304a0a400701f4ea03a6642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://m.fordeal.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
i
tr.snapchat.com/cm/ Frame 6269
0
202 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=594717e0-8d76-4661-ba73-cab202295bb0&u_scsid=d3a830b5-d249-4481-9bd5-01ab7fd9d3a8&u_sclid=7fd57f99-97ec-4bde-a8f0-a846ab393a4c
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 13 Nov 2023 14:59:56 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
ec43f182-e218-4b02-9ea4-83862ed5207d.js
tr.snapchat.com/config/com/
168 B
444 B
Script
General
Full URL
https://tr.snapchat.com/config/com/ec43f182-e218-4b02-9ea4-83862ed5207d.js?v=3.4.18-2311130917
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
58814a17ad676bcd11f4edd1ed87ee0917ccb79ea4e3a12065a8c8d85389758f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
Origin
https://m.fordeal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://m.fordeal.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
i
tr.snapchat.com/cm/ Frame 5817
0
47 B
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=ec43f182-e218-4b02-9ea4-83862ed5207d&u_scsid=d3a830b5-d249-4481-9bd5-01ab7fd9d3a8&u_sclid=7fd57f99-97ec-4bde-a8f0-a846ab393a4c
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 13 Nov 2023 14:59:56 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
1
1232841863581518
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1232841863581518?v=2.9.138&r=stable&domain=m.fordeal.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a01a01b4b9835b5d089c9a60e2640eef0223346f9b37677a8d7c533c6df866b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5c/2dZHVVcYcUk0G2AM7XyBKxBAo3P1bYAp+xx4URVihQVVjpgQFOJ8pp5X43H3pEh32dvRlYmSAwk1me44Gww==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
202 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b935415b8260e27441c297f7cbef8cd6c2e49b59b22699c80dbf1bdfa757588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74479
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Nov 2023 14:59:56 GMT
js
www.googletagmanager.com/gtag/
272 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5729655a010d5542ed8c961eb90e71e38df31dac283158942d0fad5f0b9dfd78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92247
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 14:59:56 GMT
js
www.googletagmanager.com/gtag/
270 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6WW67CFQ80&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b61e7adbe35494b9e11801e365989025e472b62dd3e2751dc7a92031c9821c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91929
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 14:59:56 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Nov 2023 13:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4215
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 13 Nov 2023 15:49:41 GMT
open
api2.branch.io/v1/
268 B
644 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ce00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
26ecc7e225cbc77cde8e8c874fd0878b65c6396829ea6fb40cceeb89f10a4057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
e9176d6f-0c75-4b90-b3c3-a612f342e3b0-2023111314
content-length
268
x-amz-cf-id
uAyYaZ6WS-L0TCEYL7NoxXXa4c6_LFgmda56Ngr492KaFROA3jJXhQ==
collect
region1.analytics.google.com/g/
0
253 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EHRJ3G5MJS&gtm=45je3b81v887200850&_p=1699887596293&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1678632624.1699887597&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699887596&sct=1&seg=0&dl=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&dr=https%3A%2F%2Ff0r.co%2F&dt=Zufriedenheitsumfrage&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=932
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EHRJ3G5MJS&cid=1678632624.1699887597&gtm=45je3b81v887200850&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHRJ3G5MJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
409 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EHRJ3G5MJS&cid=1678632624.1699887597&gtm=45je3b81v887200850&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=327729500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
948137468955233
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/948137468955233?v=2.9.138&r=stable&domain=m.fordeal.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
757fadf78a751caefa5bbeb5a17a72535bce3d5ada51c7a4fb1617536d427acb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
yBr82OZ5Yd0bxuo5F4/H+H/vbKHEerye0dFolMINZSKzws5I71XrPUn1HRaZp7YqpeQbOlhZJAKL5cKvJSidOA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
p
tr.snapchat.com/
0
91 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Nov 2023 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://m.fordeal.com
x-envoy-upstream-service-time
21
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=171574500264944&ev=PageView&dl=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&rl=https%3A%2F%2Ff0r.co%2F&if=false&ts=1699887596783&cd[content_type]=product&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699887596782.249129459&ler=other&it=1699887596437&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
186 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&rl=https%3A%2F%2Ff0r.co%2F&if=false&ts=1699887596785&cd[content_type]=product&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699887596782.249129459&ler=other&it=1699887596437&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=948137468955233&ev=PageView&dl=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&rl=https%3A%2F%2Ff0r.co%2F&if=false&ts=1699887596786&cd[content_type]=product&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699887596782.249129459&ler=other&it=1699887596437&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 Nov 2023 14:59:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2113265835&t=pageview&_s=1&dl=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&dr=https%3A%2F%2Ff0r.co%2F&ul=en-us&de=UTF-8&dt=Zufriedenheitsumfrage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2031646275&gjid=1508801977&cid=1678632624.1699887597&tid=UA-94012617-8&_gid=572791772.1699887597&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=630503322
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
custom
api2.branch.io/v2/event/
39 B
395 B
XHR
General
Full URL
https://api2.branch.io/v2/event/custom
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ce00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f7a833cfa46a2084a6249a678ed2c3ccf4e35c1c9d583e52c97934c8b3b8eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 Nov 2023 14:59:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
12159f0b-5de1-4c30-84ee-3c7700e9cac2-2023111314
content-length
39
x-amz-cf-id
wVGEmlwinWlp1ML9gxID5MyoIdrKCcS5eR_378hfubdnPeNQdJ6T0Q==
collect
stats.g.doubleclick.net/j/
4 B
152 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-94012617-8&cid=1678632624.1699887597&jid=2031646275&gjid=1508801977&_gid=572791772.1699887597&_u=YADAAUAAAAAAACAAI~&z=1199886286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 13 Nov 2023 14:59:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
409 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-94012617-8&cid=1678632624.1699887597&jid=2031646275&_u=YADAAUAAAAAAACAAI~&z=1900883421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
108 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-94012617-8&cid=1678632624.1699887597&jid=2031646275&_u=YADAAUAAAAAAACAAI~&z=1900883421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/?random=1699887596993&cv=11&fst=1699887596993&bg=ffffff&guid=ON&async=1&gtm=45be3b81v889394199&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&ref=https%3A%2F%2Ff0r.co%2F&hn=www.googleadservices.com&frm=0&tiba=Zufriedenheitsumfrage&auid=768947459.1699887597&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
903aaa82c0a0fe7c6b428acdf301aeb03c8560846df0b184348cc4e1bf8f9cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
55 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-6WW67CFQ80&gtm=45je3b81v890315679&_p=1699887596293&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1678632624.1699887597&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699887597&sct=1&seg=0&dl=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&dr=https%3A%2F%2Ff0r.co%2F&dt=Zufriedenheitsumfrage&en=page_view&_fv=1&_ss=1&tfd=1301
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WW67CFQ80&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
17 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6WW67CFQ80&cid=1678632624.1699887597&gtm=45je3b81v890315679&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WW67CFQ80&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://m.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
108 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6WW67CFQ80&cid=1678632624.1699887597&gtm=45je3b81v890315679&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1473897263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pageview
api2.branch.io/v1/
28 B
434 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ce00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 Nov 2023 14:59:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
d8603e01428e48f0ba92c182f164bca7-2023111314
content-length
28
x-amz-cf-id
XD3d_myLcFtbPk9D8bDNaceyqDNk6GarDdiIAUsy95L70spFbmsK0A==
/
www.google.com/pagead/1p-user-list/927470498/
42 B
155 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/927470498/?random=1699887596993&cv=11&fst=1699884000000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v889394199&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&ref=https%3A%2F%2Ff0r.co%2F&frm=0&tiba=Zufriedenheitsumfrage&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN47BWr1I66T8R-VVTSRM-Id7Z9Z22bw&random=588401866&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/927470498/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/927470498/?random=1699887596993&cv=11&fst=1699884000000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v889394199&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.fordeal.com%2Fsatisfaction-survey%2Fv2.html%3Fis_direct_short_url%3D1%26commentId%3DBZ73xs3OafL2bFKni8EfQA%253D%253D&ref=https%3A%2F%2Ff0r.co%2F&frm=0&tiba=Zufriedenheitsumfrage&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN47BWr1I66T8R-VVTSRM-Id7Z9Z22bw&random=588401866&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Nov 2023 14:59:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dotMets
client-metrics.fordeal.com/api/ Frame
0
0
Preflight
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.fordeal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://m.fordeal.com
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8257e1ac6a9165b6-FRA
date
Mon, 13 Nov 2023 14:59:57 GMT
front-end-https
on
server
cloudflare
x-envoy-upstream-service-time
0
dotMets
client-metrics.fordeal.com/api/
32 B
365 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.9/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.fordeal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Nov 2023 14:59:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
accept-encoding
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://m.fordeal.com
content-type
application/json;charset=UTF-8
front-end-https
on
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
cf-ray
8257e1acbf3430c0-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| FD_ERROR_QUE string| F_PLAT object| F_CONFIG object| lib number| rem number| dpr function| Vue object| Vuex function| axios function| Cookies object| F function| EventEmitter string| F_PAGE_SESSION function| snaptr function| fbq function| _fbq object| dataLayer function| gtag object| branch object| _scPxHelper object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| GooglebQhCsO

19 Cookies

Domain/Path Name / Value
.fordeal.com/ Name: lan
Value: de
.fordeal.com/ Name: region
Value: DE
.fordeal.com/ Name: gw-did
Value: web_93b4a41c01874a2dbc4118f7f2a690ff
.fordeal.com/ Name: cur
Value: EUR
.fordeal.com/ Name: system
Value: h5
.fordeal.com/ Name: has_uuid
Value: true
.fordeal.com/ Name: timezone
Value: +3
.fordeal.com/ Name: uuid
Value: web_h5_6138c84f8a9745d788d5562efed21b95
.fordeal.com/ Name: _scid
Value: d6caf9cf-4db4-4d7e-a2e9-cb40e9fb3da6
.fordeal.com/ Name: _scid_r
Value: d6caf9cf-4db4-4d7e-a2e9-cb40e9fb3da6
.app.link/ Name: _s
Value: EU%2FM6XvaJ1eEPtBXMPxrnYLRSV02JnIiUBeLfu6NJd%2BkmH6lrq9XaMRr%2FTK8%2FVP4
.fordeal.com/ Name: _ga_EHRJ3G5MJS
Value: GS1.1.1699887596.1.1.1699887596.60.0.0
.fordeal.com/ Name: _fbp
Value: fb.1.1699887596782.249129459
.fordeal.com/ Name: _gid
Value: GA1.2.572791772.1699887597
.fordeal.com/ Name: _gat_gtag_UA_94012617_8
Value: 1
.fordeal.com/ Name: _gcl_au
Value: 1.1.768947459.1699887597
.fordeal.com/ Name: _ga_6WW67CFQ80
Value: GS1.1.1699887597.1.0.1699887597.60.0.0
.fordeal.com/ Name: _ga
Value: GA1.1.1678632624.1699887597
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn.branch.io
client-metrics.fordeal.com
connect.facebook.net
dot-hub-x.fordeal.com
dot.fordeal.com
f0r.co
googleads.g.doubleclick.net
gw.fordeal.com
m.fordeal.com
region1.analytics.google.com
s3.forcloudcdn.com
s4.forcloudcdn.com
sc-static.net
stats.g.doubleclick.net
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.138.26.87
143.204.207.250
2001:4860:4802:32::36
2600:9000:206f:1400:19:9934:6a80:93a1
2600:9000:2491:ce00:11:f728:3040:93a1
2606:4700::6812:1591
2606:4700::6812:18c9
2606:4700::6812:19c9
2606:4700::6812:d76
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2008
2a00:1450:400c:c1f::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.190.43.134
017ca8fac7d26a2b31e5fef9f85003a9b10167e7a2c4e3cbe24f0e9092650743
06462b9cde8acdb46d6ad810b2cca2aff934fcf1749f2569f342ce3e0a95d063
09be4a7ea3ca9479a330a767a0da1e0880f3d242888dae2b57ce0219db032121
0a84617ff06c3bedb0e635485fa8c56515611108f89e5cdfdcf9378b1030625c
0f7a833cfa46a2084a6249a678ed2c3ccf4e35c1c9d583e52c97934c8b3b8eba
230c35e4afce11b336d7ed4f4a3ba09d3ae366b83326ff567d9c759738697e04
25ad80723bb2613b76f1702241974f1f6d8f514d0d14d47c1003159661f0fb27
25f0542788d6d9b325f1e8b8779f0a8f534e5afeb9c62e98b037f11600832155
26ecc7e225cbc77cde8e8c874fd0878b65c6396829ea6fb40cceeb89f10a4057
2ebb7f407c8ed2e838bfc31cca2b64503889bf691cd5d65b1764e5325de87001
2f552aa4d37c2bbd90a74f5c751570b460de21ff0687e855c02960efec48f89b
3624c811fb4652a1b627ff418261de864b31f124bbc589d5ce322c5754d9f2e4
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
5729655a010d5542ed8c961eb90e71e38df31dac283158942d0fad5f0b9dfd78
58814a17ad676bcd11f4edd1ed87ee0917ccb79ea4e3a12065a8c8d85389758f
58df573598fdf8e8ce3a5b565d79b66ea1a08782562257e20ee9e11866d5e979
6228a898db92f00f943c27f3e5d08b913aab523a0e35c88dc130affcb2faae64
6a01a01b4b9835b5d089c9a60e2640eef0223346f9b37677a8d7c533c6df866b
6b3106a5a411804e9ee3be2158fb491408aa4dc923e03a0c74376f30bc323333
732bf45c83a927d32b26761b9ac7c0fdef65ad288304a0a400701f4ea03a6642
757fadf78a751caefa5bbeb5a17a72535bce3d5ada51c7a4fb1617536d427acb
7911198e506f7732a969760d7f60de672d460ebf703d560d1aa620087c7c0a59
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b935415b8260e27441c297f7cbef8cd6c2e49b59b22699c80dbf1bdfa757588
901f8e94f5b05002f3ac224e1464480772c8ffabadcdd40ee2238284976b46ed
903aaa82c0a0fe7c6b428acdf301aeb03c8560846df0b184348cc4e1bf8f9cbb
a56a2032f34a9bb8c84f8bf3623c428d4914e9be4b718bbd9d554936dadacf65
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b44163cb03740958fbf8b38b70317a2ec56567515513f86d37baca0dccd04a3c
b61e7adbe35494b9e11801e365989025e472b62dd3e2751dc7a92031c9821c88
bfddbbf18a8591aaf0365688991928cbdaaffc72a33efd86bc18dad28872e017
c0919bbaa56fe7b33858493210a618ba4bf368cd4e2d88ee33e9f1feabf475df
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedca42996725150c550f14175c7a71f7f6b0260c2f2e36bcddc3de177af0b28
e20ed123ef001217954e0b5fe225145e026811ca5b6afcb7e8ccf53f8144e252
e27da726c8e2d4c9cbfa97c925e2d29f297496752c3b2abeffe8578d7e0512e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c3630d9eec5ac03aca008009344d63f3c99a40ade7641b0a268d749aad154f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3239ae1e06b5eb908f58bb7b4f1815e43653da9bead6bd57e46a5a366696f12
f39d036606f6c5215dc4645a5d8561deb11bcd25046446cdccb06387554e9206