Submitted URL: https://www.fordeal.com/
Effective URL: https://www.fordeal.com/de-DE/
Submission: On January 08 via manual from SA — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 11 domains to perform 126 HTTP transactions. The main IP is 2606:4700::6812:1591, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fordeal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2021. Valid for: a year.
This is the only time www.fordeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
57 forcloudcdn.com
s4.forcloudcdn.com — Cisco Umbrella Rank: 719073
s3.forcloudcdn.com — Cisco Umbrella Rank: 261177
629 KB
28 fordeal.com
www.fordeal.com
gw.fordeal.com
dot-hub-x.fordeal.com
dot.fordeal.com
client-metrics.fordeal.com — Cisco Umbrella Rank: 894020
83 KB
9 forter.com
b1c895c26dcd.cdn4.forter.com — Cisco Umbrella Rank: 432494
cdn9.forter.com — Cisco Umbrella Rank: 4907
24619d37cd514d9db5fdb6ddf89f1045-b1c895c26dcd.cdn.forter.com
cdn0.forter.com — Cisco Umbrella Rank: 4782
61 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
300 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
652 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6151
783 B
4 google.com
www.google.com — Cisco Umbrella Rank: 8
783 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
5 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
220 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97
29 KB
126 11
Domain Requested by
33 s4.forcloudcdn.com www.fordeal.com
24 s3.forcloudcdn.com www.fordeal.com
s3.forcloudcdn.com
s4.forcloudcdn.com
16 gw.fordeal.com s4.forcloudcdn.com
7 www.googletagmanager.com s4.forcloudcdn.com
www.googletagmanager.com
6 client-metrics.fordeal.com s4.forcloudcdn.com
5 cdn0.forter.com
4 www.facebook.com
4 www.google.de
4 www.google.com
4 connect.facebook.net s4.forcloudcdn.com
connect.facebook.net
3 googleads.g.doubleclick.net www.googleadservices.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googleadservices.com www.googletagmanager.com
2 cdn9.forter.com 1 redirects
2 dot.fordeal.com s4.forcloudcdn.com
2 dot-hub-x.fordeal.com s4.forcloudcdn.com
2 www.fordeal.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 24619d37cd514d9db5fdb6ddf89f1045-b1c895c26dcd.cdn.forter.com
1 b1c895c26dcd.cdn4.forter.com www.fordeal.com
126 20
Subject Issuer Validity Valid
fordeal.com
Cloudflare Inc ECC CA-3
2021-07-10 -
2022-07-09
a year crt.sh
forcloudcdn.com
Cloudflare Inc ECC CA-3
2021-06-20 -
2022-06-19
a year crt.sh
*.cdn4.forter.com
GeoTrust RSA CA 2018
2021-11-16 -
2022-12-16
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-10-17 -
2022-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.cdn.forter.com
GeoTrust RSA CA 2018
2021-07-20 -
2022-08-20
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
www.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
cdn0.forter.com
GeoTrust RSA CA 2018
2021-07-20 -
2022-07-07
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.fordeal.com/de-DE/
Frame ID: F54CE8C56177D27B98F469B9D82ABBB4
Requests: 121 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7A885C9728C3CBCC8BF4C50235375913
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F7FE2763A515C4B891A9F3569216949D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Fordeal - Online-Shopping in Deutschland für Mode, Elektronik, Bekleidung, Computer, Lebensmittel & mehr | Fordeal.com

Page URL History Show full URLs

  1. https://www.fordeal.com/ HTTP 302
    https://www.fordeal.com/de-DE/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • forter\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

126
Requests

98 %
HTTPS

69 %
IPv6

11
Domains

20
Subdomains

17
IPs

3
Countries

1349 kB
Transfer

3296 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.fordeal.com/ HTTP 302
    https://www.fordeal.com/de-DE/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://cdn9.forter.com/vchk2 HTTP 301
  • https://cdn9.forter.com/vchk2/v1/7cbb5c9a351e2f7c6e70b71b18fa0feba2b6c85f7c8e1231eeee6809bec4c611ac7f4bca621154eed1f741d5a670

126 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.fordeal.com/de-DE/
Redirect Chain
  • https://www.fordeal.com/
  • https://www.fordeal.com/de-DE/
46 KB
12 KB
Document
General
Full URL
https://www.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16bf9c39f09d222a5aa5caa8698265321292099634720a0d5de5cffb89694d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 08 Jan 2022 11:04:36 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=60
x-backend
gacha
last-modified
Sat, 08 Jan 2022 10:54:00 GMT
etag
W/"b7c2-u0j6qavFefg8ae/1I7cdmmqIOwk"
strict-transport-security
max-age=31536000
referrer-policy
origin,strict-origin-when-cross-origin
x-content-type-options
nosniff
x-cache-status
STALE
vary
Accept-Language, User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ca4f22c2cc95a0d-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 08 Jan 2022 11:04:36 GMT
content-type
text/html
content-length
138
location
https://www.fordeal.com/de-DE/
strict-transport-security
max-age=31536000
referrer-policy
origin,strict-origin-when-cross-origin
x-content-type-options
nosniff
vary
Accept-Language, User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ca4f22b9b3b5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
footer.css
s4.forcloudcdn.com/-/libs/fd-base-style/1.4.1/base.pc.css,libs/fd-pc-module/1.6.5/header.css,libs/fd-pc-module/1.6.5/
31 KB
9 KB
Stylesheet
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-base-style/1.4.1/base.pc.css,libs/fd-pc-module/1.6.5/header.css,libs/fd-pc-module/1.6.5/footer.css
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3413c69c74d43a07eebafb7f897d130b6f5c13666e8ab1d90a21d545e46bbb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
7028
cf-polished
origSize=31750
x-cache-status
HIT
last-modified
Thu, 23 Dec 2021 11:47:55 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"7c06-d66LanOzAyU4XXWA6g2nmorMpJg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=691200
cf-ray
6ca4f23139290e2a-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
index.css
s3.forcloudcdn.com/assets/pc-fd-home/0.3.14/
15 KB
4 KB
Stylesheet
General
Full URL
https://s3.forcloudcdn.com/assets/pc-fd-home/0.3.14/index.css
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6dd5d1205e2f5995353e695fc519d00cd518d96757fb9d766ae773597b057b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
85322
cf-polished
origSize=14855
last-modified
Mon, 13 Sep 2021 06:13:48 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FZ9FZWGCW8583JJS
x-amz-id-2
FMAWwoBUhnGEk9NIbCBtJFHwvTClFe911hAPdKuNufCd9uG/9ZjMxU2yiAaHlM7EyP3dHxKGHFU=
cf-bgj
minify
server
cloudflare
etag
W/"488f41efb5c77d4a6b6857854ed52ddd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
x-amz-version-id
7GUkapYv56MQ2oX8ekPLISukVGRwY0pp
cf-ray
6ca4f230580c0e2a-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
dd9a812e-2c88-405b-82aa-a9d50a4b9cb7.svg
s3.forcloudcdn.com/dmc/
690 B
929 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/dd9a812e-2c88-405b-82aa-a9d50a4b9cb7.svg
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4489d7f9b2cda79b8237370d6b366e03be68a04aa279b8a144dc42256b9d5dd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
12327466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KZACT9QMVSHPFGYR
x-amz-id-2
IedlTh5xfVsSSYHImHZeuSaGQxxo58wMSeiEvTnerHReSCbkK7/1z2uX5e/NmzCb4N859TnVQTk=
last-modified
Mon, 28 Dec 2020 07:51:43 GMT
server
cloudflare
etag
W/"fd8982e7f3265f4df7eb5a0478932a76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
0ECgH3RObjKKgibUE.9n27kHio5rQYXX
cf-ray
6ca4f231887b59cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
0484da8e-72cb-443a-bbed-92806d56cf1c.svg
s3.forcloudcdn.com/dmc/
2 KB
1 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/0484da8e-72cb-443a-bbed-92806d56cf1c.svg
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1600bf16a821098b0cfb481fc0e6d8440b1c0c0828623a27ceb8b6193d1b5eb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3130009
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
5GW0QDGKCQN3SCET
x-amz-id-2
1Il1bcLqlzME4HDK7nMbiWC2BfK4V6LCqIf60w7jD4xJg59aFIHclplAFKqzakkrJHaeJ/NQRyU=
last-modified
Mon, 28 Dec 2020 07:51:43 GMT
server
cloudflare
etag
W/"1cfcd5af030d2898d8b5a12c60e4c3dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
yjI7bre2xaxJrcDJo8BLvFUmCHLDwcov
cf-ray
6ca4f231887e59cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
7fa001b7-9521-40a0-be38-1e11c84b780c.svg
s3.forcloudcdn.com/dmc/
354 B
754 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/7fa001b7-9521-40a0-be38-1e11c84b780c.svg
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e4fb6b45eaab42347fcc2e5a33a2d1cdbab61b97d3a4bf7fb7dc028985017b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
12322442
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
BZBDSD5JDBQZEZ57
x-amz-id-2
t30TzN8tXtf87sRA7H9Ziolu/B80rqmURGilOKzhGHl4mj4HzSV8Hlww4eDkIQZchR6xd9YK2k0=
last-modified
Mon, 28 Dec 2020 07:51:42 GMT
server
cloudflare
etag
W/"8947d8ffd7d6f1fafbc7857ec914d494"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
72zfSNc1qzFt1yOLsl55SY5vKaKlrAt7
cf-ray
6ca4f231888159cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
d2850f95-7eb4-47b4-8ec9-a36aae1213c5.svg
s3.forcloudcdn.com/dmc/
2 KB
1 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/d2850f95-7eb4-47b4-8ec9-a36aae1213c5.svg
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a4d33167f969c3a15858db0e93efa46c53b69668cafad85c1f6d272aa4e5d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
6413027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FPV4S31780RNS0WQ
x-amz-id-2
yLwfYB6s37X17UgcegnA53x6wEd3EdsJYTzvqWMPbm+4Z4yhXJsvaS3d3Io18Ye0B0eR1tODI1w=
last-modified
Mon, 28 Dec 2020 07:51:42 GMT
server
cloudflare
etag
W/"db8a1721faae2bcefd4609023836f8d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
kwCFutP0Lgnpyfn3jsXdSo7TGu0KAN1C
cf-ray
6ca4f231888459cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
js.cookie.js
s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/
90 KB
32 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a302905c6c25ac577c155c0cbca23501b5b0f2c29935e4519a7530ebdc1abc8

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
2276
cf-polished
origSize=92909
x-cache-status
MISS
last-modified
Thu, 19 Aug 2021 02:25:13 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"16aed-q3oZcmhdC6+42F1obbM0R4SZEJU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6ca4f2316a5c0f6e-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
trackerUtils.js
s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.6.0/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/
49 KB
17 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.6.0/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/trackerUtils.js
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15031439e48b483ea1ad6533398904f47a0556e8a181f652dde845d6a43f677

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
7028
cf-polished
origSize=49925
x-cache-status
MISS
last-modified
Wed, 29 Dec 2021 10:07:37 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"c305-N43WCTspUOwIW08uiQ11c/UGAOU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6ca4f2318abf5a31-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
promotion.pc.js
s4.forcloudcdn.com/-/libs/fd-url/1.5.0/url.js,libs/fd-dwp/1.9.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd...
121 KB
34 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-url/1.5.0/url.js,libs/fd-dwp/1.9.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.pc.js
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c44d9734132ab65cfffeb0bb7b50d808c5f08650cd73bb3d645550f90dcbd2e

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
1616
cf-polished
origSize=124044
x-cache-status
MISS
last-modified
Thu, 16 Dec 2021 14:09:00 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"1e48c-da6fwclktM81adCbnJCm8sFARt0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6ca4f2318aba5a31-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
footer.js
s4.forcloudcdn.com/-/libs/fd-vue-ui/1.1.2/popper.js,libs/fd-pc-module/1.6.5/header.js,libs/fd-pc-module/1.6.5/
160 KB
47 KB
Script
General
Full URL
https://s4.forcloudcdn.com/-/libs/fd-vue-ui/1.1.2/popper.js,libs/fd-pc-module/1.6.5/header.js,libs/fd-pc-module/1.6.5/footer.js
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5933e6c796edd38cc2b4375f1018d7aea4657afc6868581c8e1443633eda7f74

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
1616
cf-polished
origSize=163973
x-cache-status
MISS
last-modified
Thu, 23 Dec 2021 11:47:56 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"28085-jPHFU1TSPkQ5frqAguJHMaEMOdg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
6ca4f2318ac05a31-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
index.js
s3.forcloudcdn.com/assets/pc-fd-home/0.3.14/
74 KB
25 KB
Script
General
Full URL
https://s3.forcloudcdn.com/assets/pc-fd-home/0.3.14/index.js
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d8addd31f34301b9f80e455513a42fcf7fba428d353746eeb1d72d5f6e1a13

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
48777
cf-polished
origSize=76089
access-control-max-age
6000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
YHXTCGN9XMMVS3HK
x-amz-id-2
fGR3YthzEMdnzUplyhSzbrilYFq+0Qq0dYO+HrB6yQOOaYU0wEIhrDqXJuQqp41I5BEZ/nFY3J8=
last-modified
Mon, 13 Sep 2021 06:13:48 GMT
server
cloudflare
etag
W/"fa50b28d6dff3e507414a4d10820f8dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 08 Jan 2023 11:04:37 GMT
cache-control
public, max-age=31536000
x-amz-version-id
mxyCAB1n5YQFV0NM3Q4YUXzqEdEF6eR5
cf-ray
6ca4f2319aca5a31-MXP
cf-bgj
minify
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebb7e88b223ab17e696b4edb6095bab42731ce537b0de170eed97d0452fd02f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
loading.da57f6d4.gif
s3.forcloudcdn.com/assets/fd-shared/images/
6 KB
7 KB
Image
General
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/images/loading.da57f6d4.gif
Requested by
Host: s3.forcloudcdn.com
URL: https://s3.forcloudcdn.com/assets/pc-fd-home/0.3.14/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3348e08f8e2a46d182d88b21acf8fc24504d19a299786a3d865a87d6e3066d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.forcloudcdn.com/assets/pc-fd-home/0.3.14/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
233415
cf-polished
origFmt=gif, origSize=6644
content-length
6332
content-disposition
inline; filename="loading.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
JFZY16WTGHE969H4
x-amz-id-2
AyZEb9C8LVkighIcPnqaxftqmCHWMppBhIyv19cZpDBGJDsQKWodpmgSaJZWR3j81b8Uf+2o+nU=
last-modified
Thu, 21 May 2020 02:41:25 GMT
server
cloudflare
etag
"da57f6d48c5040338aef33f22402ea19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 08 Jan 2023 11:04:37 GMT
cache-control
public, max-age=31536000
x-amz-version-id
iI9y.38UGF6ott63YY58e0j7B5GjkfS.
accept-ranges
bytes
cf-ray
6ca4f231888659cb-MXP
cf-bgj
imgq:100,h2pri
1
gw.fordeal.com/gw/dwp.horizon.config/
409 B
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?data=%7B%22key%22%3A%22h5TrackerConfig%22%7D&gw_ver=1&ct=1641639877456&plat=pc&appname=fordeal&sign=b3a5f51ec36169660d0d3c915f04ed04
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a487790e4892450950c5c1b65d0fb9d0de84ae718044504d004044e6ded8be04
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
0
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
10
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
horizon-5949d6cb47-lhd4v
gw-st
1641639877552
cf-ray
6ca4f2326ed25a0d-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.0d8ee7b03501408e90cf345646db8dcc.1673.16416398775429941
dotRecords
dot-hub-x.fordeal.com/api/v2/ Frame
0
0
Preflight
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ca4f2337cd93748-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/
323 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69a066768537ea861b3418084e6bb16e3660938019fd0abcc4adc76db16b8d43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
gw.fordeal.com/gw/dwp.trade-center-api.divisionRegionAll/
15 KB
3 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.trade-center-api.divisionRegionAll/1?data=&gw_ver=1&ct=1641639877527&plat=pc&appname=fordeal&sign=51024c2c62761b0090aa219c9b29ade7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e071442ca3d3d29cca3f254fa6287e40efe941cf4aaf269d02f5af4318bb54
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=gZTjDvuEAdg_FcRjpgPZatu4RAR8fgOcP2Qdq_UJO54-1641639877-0-AXnINnKa5AEzUTu24_2wvdttDPlBNuSWg9olAqhd3UdoTpExJZv3Ukn09X5jZ6NIXA
access-control-max-age
3600
service-rt
0
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gw-trace-id
0.c9563b85d87645f58f16d71f0df5598e.1701.16416398776355120
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
13
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
trade-center-567cd4f64d-rlxnm
gw-st
1641639877648
cf-ray
6ca4f232c8115a0d-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
front-end-https
on
1
gw.fordeal.com/gw/dwp.pandora.api/
4 KB
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.api/1?data=%7B%22code%22%3A%22mega_deal_recommend%22%7D&gw_ver=1&ct=1641639877602&plat=pc&appname=fordeal&sign=83e5b3272de724b5b0674c1293a69d1a
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fbed830d946069ffc66da5a411c76d51df0ec9ba7056ab091a21782acd18a3
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
2
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
6
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-search-pandora-prod-017244
gw-st
1641639877657
cf-ray
6ca4f2331890e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.3d64930f1ce34705ad13b84a80316448.1739.16416398776518723
1
gw.fordeal.com/gw/dwp.cheetah.mget/
2 KB
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.mget/1?data=%7B%22pids%22%3A%229163%2C9165%22%7D&gw_ver=1&ct=1641639877603&plat=pc&appname=fordeal&sign=6da3aa1b260504afc22347e26fe5f8cf
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d826d8c4d3f3440d8ed967311af167bd665dd5830d746a4fb982bd4384988720
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
47
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
50
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-base-cheetah-prod-025120
gw-st
1641639877704
cf-ray
6ca4f2331896e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.2177f8af6fd84386a7d9f75e9f622d2b.2410.16416398776549446
dotRecords
dot-hub-x.fordeal.com/api/v2/
32 B
448 B
XHR
General
Full URL
https://dot-hub-x.fordeal.com/api/v2/dotRecords
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6ca4f2342a83e907-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dotRecord
dot.fordeal.com/api/
32 B
570 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotRecord
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=QnaX_ftilgKGI0pOXmyZdEsesaGkcVoxy.URqErSEC0-1641639877-0-AVk70zv-qfdZ-eLsyWR77Ck3j7oV2fCvoHW1fwzOaYL4xq-aIWn4yVh_5OXnUP0LeA
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
cf-ray
6ca4f2341c2b5a0d-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
1
gw.fordeal.com/gw/dwp.common.allDomain/
1 KB
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.common.allDomain/1?data=&gw_ver=1&ct=1641639877611&plat=pc&appname=fordeal&sign=f1b320db4dbd9b36b0fa49afa79b0175
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f4291eb50023de8c39efe11506c7080d8bc99b9761bcc62cf09110f0cfa4ce
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
1
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
3
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
gw-st
1641639877657
cf-ray
6ca4f23328a5e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
1.3075ab73568a404dae3008cbfa9ec3a4.1672.16416398776549778
1
gw.fordeal.com/gw/dwp.customerCenter.freePostage/
178 B
909 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.customerCenter.freePostage/1?data=&gw_ver=1&ct=1641639877618&plat=pc&appname=fordeal&sign=244d8b9d6838819ccb8ddfc10a17bcdd
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5ad8ead5fa7a3c18718e5a88d7ad0f465387fac1bd01dee9515260618c1a31
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
1
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
0
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
3
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
customer-center-7d9895cd47-z7qm5
gw-st
1641639877683
cf-ray
6ca4f23348e2e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
1.fb5880124c124f2b90c486801e03f5f6.3269.16416398776808330
1
gw.fordeal.com/gw/dwp.tradeCartWeb.countCart/
94 B
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.tradeCartWeb.countCart/1?data=&gw_ver=1&ct=1641639877619&plat=pc&appname=fordeal&sign=455fb6a23ec9336cbba2a6f4ee1309c6
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81354a8cad2e7e1dd032b3f3f62099d9b2a2ff97dd2a82c0eef9a4dd7d02d8aa
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=p7Hec_1X..MlW599dqg5KW4Zbb2tNJqyVz86.pex69w-1641639877-0-AZFM7BvknlKA0H6ysLKx1xYuv2owK2Qxj4nnasnfIsMGotXdxKT0_TPdLAAyPuvmAg
access-control-max-age
3600
service-rt
3
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
8
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
cart-center-766fb4b8d5-fmbsq
gw-st
1641639877710
cf-ray
6ca4f23348e5e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.0481f0d6f034408498bda45f18711d42.3524.16416398777028857
1
gw.fordeal.com/gw/dwp.pandora.api/
64 B
832 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.api/1?data=%7B%22code%22%3A%22place_holder%22%7D&gw_ver=1&ct=1641639877635&plat=pc&appname=fordeal&sign=e15338e33abb07eaa12cd6c3a00f400a
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba2c86e482f6eca77cc55e849115289703aaeb19e62650dd8e3e2b32996218b
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
3
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
6
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
pandora-6f569599dc-5cm98
gw-st
1641639877688
cf-ray
6ca4f23358f3e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.6af0d3d3a765437996cb3eab8188ca4c.3118.16416398776824830
1
gw.fordeal.com/gw/dwp.pandora.api/
540 B
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.api/1?data=%7B%22code%22%3A%22hot_search%22%7D&gw_ver=1&ct=1641639877635&plat=pc&appname=fordeal&sign=ceeb27074de04f425a11b14f7182b256
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47a49eca05ef454620df17c008276d671b33878ca5eb2f8dcd2ec5822683e84
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
3
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
6
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-search-pandora-prod-017244
gw-st
1641639877693
cf-ray
6ca4f23358f5e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.ac8869fe241d40088d61f855ca078aa5.5923.16416398776870433
1
gw.fordeal.com/gw/dwp.pandora.category_tree/
92 KB
18 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.category_tree/1?data=%7B%22code%22%3A%22category_tree%22%2C%22needTitle%22%3Atrue%7D&gw_ver=1&ct=1641639877642&plat=pc&appname=fordeal&sign=e7fdef4ba63717dc75326c6eb075f611
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf2f2b2356410b0b711aba2c83ae2c27cb3ffaa3049caf5a62368ca829fc97a
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
25
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gw-trace-id
0.e95c60960e5d452eb11857b537ac6e11.1704.16416398776885907
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
34
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-search-pandora-prod-025123
gw-st
1641639877722
cf-ray
6ca4f23358f7e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
front-end-https
on
1
gw.fordeal.com/gw/dwp.cheetah.mget/
6 KB
2 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.cheetah.mget/1?data=%7B%22pids%22%3A%22114923%2C114933%2C114934%2C114935%22%7D&gw_ver=1&ct=1641639877643&plat=pc&appname=fordeal&sign=f6cd052b6612f991eda8eb93b0aaf578
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2968b84236601b509087318e3cf490a9c5f96d9f4dd32d1ca744f45522fbd26c
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
4
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
8
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-base-cheetah-prod-022166
gw-st
1641639877708
cf-ray
6ca4f23358f9e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.2792fe890c24424784cb3f1758c2b62a.3159.16416398777004439
1
gw.fordeal.com/gw/dwp.horizon.config/
381 B
1 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.horizon.config/1?data=%7B%22key%22%3A%22FE.pixel.pc.fordeal%22%7D&gw_ver=1&ct=1641639877643&plat=pc&appname=fordeal&sign=a8ff0700352307165945c87303e0d7b3
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d536e43877d77f649394356cbc4866707bfce88268b55ffce113a9e7dabc2f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
0
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
3
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-base-horizon-prod-017184
gw-st
1641639877692
cf-ray
6ca4f23358fbe907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
0.01a45f6d74384223b98f2b0bbf0824b6.2508.16416398776894798
1
gw.fordeal.com/gw/dwp.pandora.api/
109 KB
14 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.api/1?data=%7B%22fcid%22%3A90001024%2C%22code%22%3A%22pc_home_recommend%22%2C%22page%22%3A1%2C%22pageSize%22%3A50%7D&gw_ver=1&ct=1641639877669&plat=pc&appname=fordeal&sign=d5a91aa7a71e6a2a4cb57572bfba7c8f
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691fdb3ec360ddcc33e464741c04035ac65093e9f1ee8d95a4366d84ea454d10
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
1
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
67
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gw-trace-id
1.d1d6c7a87b6b4ac8bca50311d8188056.1726.16416398777422871
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
73
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-search-pandora-prod-017244
gw-st
1641639877815
cf-ray
6ca4f2337929e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
front-end-https
on
dd9a812e-2c88-405b-82aa-a9d50a4b9cb7.svg
s3.forcloudcdn.com/dmc/
690 B
929 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/dd9a812e-2c88-405b-82aa-a9d50a4b9cb7.svg
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.6.0/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/trackerUtils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4489d7f9b2cda79b8237370d6b366e03be68a04aa279b8a144dc42256b9d5dd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
12327466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KZACT9QMVSHPFGYR
x-amz-id-2
IedlTh5xfVsSSYHImHZeuSaGQxxo58wMSeiEvTnerHReSCbkK7/1z2uX5e/NmzCb4N859TnVQTk=
last-modified
Mon, 28 Dec 2020 07:51:43 GMT
server
cloudflare
etag
W/"fd8982e7f3265f4df7eb5a0478932a76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
0ECgH3RObjKKgibUE.9n27kHio5rQYXX
cf-ray
6ca4f2337dcc59cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
0484da8e-72cb-443a-bbed-92806d56cf1c.svg
s3.forcloudcdn.com/dmc/
2 KB
1 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/0484da8e-72cb-443a-bbed-92806d56cf1c.svg
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.6.0/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/trackerUtils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1600bf16a821098b0cfb481fc0e6d8440b1c0c0828623a27ceb8b6193d1b5eb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3130009
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
5GW0QDGKCQN3SCET
x-amz-id-2
1Il1bcLqlzME4HDK7nMbiWC2BfK4V6LCqIf60w7jD4xJg59aFIHclplAFKqzakkrJHaeJ/NQRyU=
last-modified
Mon, 28 Dec 2020 07:51:43 GMT
server
cloudflare
etag
W/"1cfcd5af030d2898d8b5a12c60e4c3dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
yjI7bre2xaxJrcDJo8BLvFUmCHLDwcov
cf-ray
6ca4f2337dd459cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
7fa001b7-9521-40a0-be38-1e11c84b780c.svg
s3.forcloudcdn.com/dmc/
354 B
754 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/7fa001b7-9521-40a0-be38-1e11c84b780c.svg
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.6.0/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/trackerUtils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e4fb6b45eaab42347fcc2e5a33a2d1cdbab61b97d3a4bf7fb7dc028985017b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
12322442
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
BZBDSD5JDBQZEZ57
x-amz-id-2
t30TzN8tXtf87sRA7H9Ziolu/B80rqmURGilOKzhGHl4mj4HzSV8Hlww4eDkIQZchR6xd9YK2k0=
last-modified
Mon, 28 Dec 2020 07:51:42 GMT
server
cloudflare
etag
W/"8947d8ffd7d6f1fafbc7857ec914d494"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
72zfSNc1qzFt1yOLsl55SY5vKaKlrAt7
cf-ray
6ca4f2337dd759cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
d2850f95-7eb4-47b4-8ec9-a36aae1213c5.svg
s3.forcloudcdn.com/dmc/
2 KB
2 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/d2850f95-7eb4-47b4-8ec9-a36aae1213c5.svg
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-polyfill/1.1.0/polyfill.js,libs/fd-f/3.6.0/f.js,libs/fd-image/1.5.1/image.js,libs/fd-base/1.5.1/base.js,libs/fd-tracker-utils/1.3.4/trackerUtils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a4d33167f969c3a15858db0e93efa46c53b69668cafad85c1f6d272aa4e5d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
6413027
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=smR8Vot3hFx1YnqD79V_NVkXZTCN7tgtY.fqO4BfN7o-1641639877-0-AWWH7hq42TnCaGiZBKpip0rlbGTrO2aG4zWet0wnYxphH1DFu7_jN4mCFfXeXahS4w
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FPV4S31780RNS0WQ
x-amz-id-2
yLwfYB6s37X17UgcegnA53x6wEd3EdsJYTzvqWMPbm+4Z4yhXJsvaS3d3Io18Ye0B0eR1tODI1w=
last-modified
Mon, 28 Dec 2020 07:51:42 GMT
server
cloudflare
etag
W/"db8a1721faae2bcefd4609023836f8d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
kwCFutP0Lgnpyfn3jsXdSo7TGu0KAN1C
cf-ray
6ca4f2337dda59cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
script.js
b1c895c26dcd.cdn4.forter.com/sn/b1c895c26dcd/
162 KB
59 KB
Script
General
Full URL
https://b1c895c26dcd.cdn4.forter.com/sn/b1c895c26dcd/script.js
Requested by
Host: www.fordeal.com
URL: https://www.fordeal.com/de-DE/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-51.fra2.r.cloudfront.net
Software
/
Resource Hash
a76a16dac3c86ca1c9a6df18e38540114af419cc8600894319f1ed95f641ab17
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 14:36:27 GMT
content-encoding
br
vary
Accept-Encoding
age
3356890
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 30 Nov 2021 14:36:27 GMT
x-sourcemap
https://cdn4.forter.com/map/suid/b1c895c26dcd/99054464457
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript; charset=utf-8
via
1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
cache-control
private, max-age=300
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
8R97A9PJSjLJqv-d7JuDQPHaMmDjIaGNyC923xYVQA2wsa1P-8FyUg==
expires
Tue, 30 Nov 2021 14:41:27 GMT
1405839c-f2b8-41b3-a622-7c8fc217acc6-301x200.png
s3.forcloudcdn.com/dmc/
198 B
795 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/1405839c-f2b8-41b3-a622-7c8fc217acc6-301x200.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a74c61b630814919f8274bbf0a81941b6c5efaa1fdc328dd76c79277ff24745

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
340910
cf-polished
origFmt=png, origSize=447
last-modified
Mon, 21 Oct 2019 02:56:33 GMT
content-length
198
content-disposition
inline; filename="1405839c-f2b8-41b3-a622-7c8fc217acc6-301x200.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P6JAXB5Z9KRPB2YT
x-amz-id-2
PT/oYbwFoakzhTYkZ5TwWEN+/iP8F5cOitz9UpOxNIsl5BtcmBUbT+Gyj69y55Ds6MuxaNwtjxY=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"06338aafa0957ee12643cf84652cea86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=691200
x-amz-version-id
jHdTEO20IfWbYYWz6wogSfZ_l82c4jws
accept-ranges
bytes
cf-ray
6ca4f233ae3c59cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
1
gw.fordeal.com/gw/dwp.pandora.search/
33 KB
5 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.search/1?data=%7B%22code%22%3A%22keyword_search%22%2C%22fcid%22%3A171006602%2C%22searchEntrance%22%3A%225%22%2C%22pageSize%22%3A10%2C%22customer_trace%22%3A%221.word.4.4.171006602..5of2fFnUVn9MoZ.%22%2C%22sf%22%3A302%7D&gw_ver=1&ct=1641639877703&plat=pc&appname=fordeal&sign=5a667aa5a49a12789bd4215063db8d07
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead370e54bce7c6bfb07855e083eda6bce3c2d4e0d57b138a77fb729d7669f73
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
105
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gw-trace-id
0.5f1ad239cd284e368a2a5f125de46a5d.3242.16416398777678755
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
109
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
aws-ir1-search-pandora-prod-025123
gw-st
1641639877876
cf-ray
6ca4f233c99ae907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
front-end-https
on
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.5.0/url.js,libs/fd-dwp/1.9.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.pc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
r+W7TKS264YObvkpSYSZOsM0T3wjzY/iGI95B66Qgk8BdBfhzeqmHSM75tuqMZWd6P4lxQtUSesYqs6JWhjhhg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 08 Jan 2022 11:04:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
93 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-94012617-7
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.5.0/url.js,libs/fd-dwp/1.9.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.pc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3a68392ef26b4375057ab9a08aa34c6cc0cdbf701b157925d20b3b476f34aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37137
x-xss-protection
0
expires
Sat, 08 Jan 2022 11:04:37 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-444294338
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.5.0/url.js,libs/fd-dwp/1.9.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.pc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b4a7ad1aec329554dec81a4d4997137a67f4b523a5f0d575b3c4c8d27940185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39642
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Jan 2022 11:04:37 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-342693756
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/fd-url/1.5.0/url.js,libs/fd-dwp/1.9.1/dwp.js,libs/fd-dce/1.0.1/dce.js,libs/fd-f-dot/1.0.2/fDot.js,libs/fd-logger/1.8.11/logger.js,libs/fd-tracker/2.4.14/tracker.js,libs/fd-promotion/1.7.7/promotion.pc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b589da3564ff466a943cae463999afd5426258c08e70f1f28cd84f1010c117f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.fordeal.com/
Origin
https://www.fordeal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39639
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Jan 2022 11:04:37 GMT
1
gw.fordeal.com/gw/dwp.trade-center-api.addressDefaultAddress/
91 B
860 B
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.trade-center-api.addressDefaultAddress/1?data=&gw_ver=1&ct=1641639877737&plat=pc&appname=fordeal&sign=3084d8c9e6f21184f26ee69d7214de0f
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc120957e18b497fe1655ff4561d84ba437cc0f7d430fe6c2993cb0cb0f30895
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
1
date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
1
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
s_timestamp
1641639877
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
front-end-https
on
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
4
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
trade-center-567cd4f64d-4nbck
gw-st
1641639877800
cf-ray
6ca4f233e9eee907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
gw-trace-id
1.cfe22b02ee234d00b32d4a421016f618.2715.16416398777964790
94510e7a-cbc6-4681-bfb2-eb8d39a98826
https://www.fordeal.com/
3 KB
0
Other
General
Full URL
blob:https://www.fordeal.com/94510e7a-cbc6-4681-bfb2-eb8d39a98826
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d15dab70bbb94fbd475f92e4842f995d300e6757052606cfe6595f24fda2549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
2584
Content-Type
application/javascript
dfe0e60a-9d02-4559-85b8-766bb194d8c6-750x300.png_0q90.jpg
s4.forcloudcdn.com/dmc/
52 KB
53 KB
Image
General
Full URL
https://s4.forcloudcdn.com/dmc/dfe0e60a-9d02-4559-85b8-766bb194d8c6-750x300.png_0q90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d73a3e264dfe36d2375fe577a98dfd6c415294cbc523cdc89b78b59244c51f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
48776
cf-polished
origSize=54244, status=vary_header_present
x-cache-status
MISS
last-modified
Thu, 18 Nov 2021 02:00:26 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f234681c59cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
dc36797a-c3d9-4581-ae0e-ad58e63e0bd3-750x300.png_0q90.jpg
s4.forcloudcdn.com/dmc/
55 KB
55 KB
Image
General
Full URL
https://s4.forcloudcdn.com/dmc/dc36797a-c3d9-4581-ae0e-ad58e63e0bd3-750x300.png_0q90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09ecbd39bd63854d3b1450c8d55e97e4ad144f80dc32100eb116a98c0c2b2c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
48776
cf-polished
origSize=56262, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 07:37:39 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f234681e59cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
f00239ab-cf5c-4a82-a00f-a0cccb1fba29-750x300.png_0q90.jpg
s4.forcloudcdn.com/dmc/
81 KB
81 KB
Image
General
Full URL
https://s4.forcloudcdn.com/dmc/f00239ab-cf5c-4a82-a00f-a0cccb1fba29-750x300.png_0q90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0b581fa4743f74ed5ff88f2f9c6da29ce050e7a94cccf5b3bcc6d400080003

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
361251
cf-polished
origSize=82783, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 07:37:40 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f234681f59cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
8499222c-bdf8-4259-8b10-b12799b26cf0.svg
s3.forcloudcdn.com/dmc/
633 B
904 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/8499222c-bdf8-4259-8b10-b12799b26cf0.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd104039a74f86c60c1561a3eef0c7e595ae574450fe83db4fa4be97a9cd462

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3125733
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
SEEM6CZYKSGJCSB7
x-amz-id-2
KgnCFTamZPr4CqunkmUNgNtev1gdZPfADH80Z7NobQWv5KsOE3vCfI8WSkiKUAwkBHnVjleLf9M=
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
server
cloudflare
etag
W/"621845557cfba991fca2996b6b5e4c0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
971D8sjg89f_ZLYqAngwMsQNjgZKuqaI
cf-ray
6ca4f234682159cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
7e704b84-16cb-43db-b484-952fc448f93f.svg
s3.forcloudcdn.com/dmc/
551 B
861 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/7e704b84-16cb-43db-b484-952fc448f93f.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb9bc31b7eed956ad901e0543fbfa21b7ff60b58eac79bfd0a54a46225c61e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
6410721
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FPV49C9A7QV2ZYBA
x-amz-id-2
KeB/wbOJ9FSaN7Vj4GxE8YFPogkqu3HTU2tp94THOoCE8xJ6R8Vyq/okf018L9+iVf5nwaQUsKU=
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
server
cloudflare
etag
W/"c9a212f7a9f83ef7326daee2b887bda2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
vGr1QlSBhF.jGikZKUz_2cQ_WJ6lG0Z0
cf-ray
6ca4f234682359cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
8b9ac8aa-3bc9-4ca5-a9ad-4900e99475f9.svg
s3.forcloudcdn.com/dmc/
635 B
1 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/8b9ac8aa-3bc9-4ca5-a9ad-4900e99475f9.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad607def4a1e01e650bc103b01b54468062350aa869882d0ecc11ab2e2eea839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
12326330
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=_dkt5NcqgKC7PyhA50OZkM1Ug2YC8rzQKymNNwcxIho-1641639877-0-AQcPkp7I_qics3JeFcznVOICPQ9s7TYhsHdi18lvHUOYgDc9Xsg73r3o2L0edWe1fQ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
M4H7Y3MCCCJ2DMWY
x-amz-id-2
7Nhj4ddPCj0mOuGAI/bu87yntAjmpn5IJQCnkfAipgFS0pNdpA3p2ZF9nE0/SyKTW96MnJC9vpI=
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
server
cloudflare
etag
W/"28a39ba75b080cf22c9ea160d860ccad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
XnkwJHunxhXyZjZxPF3WVmOP2tkKBTzS
cf-ray
6ca4f234682459cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
d3aac5cb-8ffd-4bf3-b599-f609ce2851cc.svg
s3.forcloudcdn.com/dmc/
436 B
813 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/d3aac5cb-8ffd-4bf3-b599-f609ce2851cc.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57a3c075dc5d80c5626e963e748fb761599b41f3b032dea01f4c80ad516317f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
6410721
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FPV7ZH262WMD9ZJR
x-amz-id-2
Ije3Sj+zgjQFFddvN6ItmnbhqhaJnWeEEqURBbzDSo53ZW3rgxk5iD/XeFE1NjKaWPwve+IGlo4=
last-modified
Tue, 29 Dec 2020 02:59:01 GMT
server
cloudflare
etag
W/"8bbd5b3308ab37cd81b8192bce2bacc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
nUf2VU_vLwndmxFHows5R4gPEQG.FO3D
cf-ray
6ca4f234682559cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
aa6477ef-d268-4a71-899a-a14967fd3b01.svg
s3.forcloudcdn.com/dmc/
605 B
873 B
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/aa6477ef-d268-4a71-899a-a14967fd3b01.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49fba0d26ce7f9fb0ea2cfa04ca13c34fd5bda0650f9a89af2469956f860695

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3138414
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P8T8WHJD3EXFCBQC
x-amz-id-2
qd8T6qXDZxHtAtDK7b8rL1ewlwbP10B5vfWCx7+VkFNhrhu3auG8TTHv5mfu3rXsvZq47fL3EbE=
last-modified
Mon, 28 Dec 2020 04:19:47 GMT
server
cloudflare
etag
W/"baff82e41fa0cf90ab760de04589624b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=691200
x-amz-version-id
VNw7_V7c2VHoyF8cNv691em066eJy9O9
cf-ray
6ca4f234682859cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
7a44369a-1106-4ee7-b08c-abf5aafa6929-64x64.png
s3.forcloudcdn.com/dmc/
2 KB
2 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/7a44369a-1106-4ee7-b08c-abf5aafa6929-64x64.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82969cefa97e790bcd90417d3685f93defb2ef60d5b30426990ad08a74b5021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
4460574
cf-polished
origFmt=png, origSize=2016
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=aquzANJlvlyuZ5HZjjfyLg48IfUb5wP8DEsZ6EtrGMk-1641639877-0-AZ3SDOd-gESj7923wSxgy2FZ5aR8QrpyMqSzXtTI7MUWFhHYboylgsWq9qwa_okTJw
last-modified
Fri, 27 Nov 2020 04:05:55 GMT
content-length
1572
content-disposition
inline; filename="7a44369a-1106-4ee7-b08c-abf5aafa6929-64x64.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
5FZWF6JDYJRHMJ22
x-amz-id-2
v1lg18GO2ZniiQpqRc66Bh6ExIv1CVr8pookla6QCa+vi13ugiTSYGi9dMI/PHq8sovtBomweUo=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"a5c3a421ff1b0a43ff7e53a7b67ecbe1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=691200
x-amz-version-id
4wHZjWCs4KoAdP2nKL2EihYf6.c7c1gs
accept-ranges
bytes
cf-ray
6ca4f234682959cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
033580da-95a9-42e7-885e-f530e2df4116-64x64.png
s3.forcloudcdn.com/dmc/
1 KB
2 KB
Image
General
Full URL
https://s3.forcloudcdn.com/dmc/033580da-95a9-42e7-885e-f530e2df4116-64x64.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3dc11b0b3e1511dcb3952ce0650c9a5832db1d6390bc30c2e020e5da32868a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
cf-cache-status
HIT
age
505402
cf-polished
origFmt=png, origSize=1848
last-modified
Fri, 27 Nov 2020 04:06:32 GMT
content-length
1256
content-disposition
inline; filename="033580da-95a9-42e7-885e-f530e2df4116-64x64.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
YEJETBT335RXKMWN
x-amz-id-2
ajVhTyi7X6By3oQvK2s+TzxC4nMmnAgnvZgoCHtEh4aGeTujlCmy9Sa1zVXyS9IHVgLtR1nAPm4=
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"fcbc20c951d0155289fa77020d682590"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=691200
x-amz-version-id
nzYRZbf3wUT2GLVFxt0jicImkh2Ly0gI
accept-ranges
bytes
cf-ray
6ca4f234682c59cb-MXP
expires
Sun, 16 Jan 2022 11:04:37 GMT
fd-facebook.d6d90c45.svg
s3.forcloudcdn.com/assets/fd-shared/icons/
345 B
734 B
Image
General
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-facebook.d6d90c45.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1923f0c4d1fab0d6b8b38acdb3565258aaf46e0f5d363e4f97224db3253516f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
6412378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FPVDTG0Y3R2JEC7V
x-amz-id-2
0YCTX40gUMtLfDyibgtoAzMTKAtesQ+E3htgXzFzjNrZ2ZHMPnlkRPkGv33BBsYXUgqnr6Sa14I=
last-modified
Sat, 12 Sep 2020 12:47:36 GMT
server
cloudflare
etag
W/"d6d90c451c331a4c4c81e92459af9d51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-version-id
SY3QF8PshcUx8c8WBOQ9WwMdGlQvJgJP
cf-ray
6ca4f234682d59cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
fd-instagram.9cffda69.svg
s3.forcloudcdn.com/assets/fd-shared/icons/
662 B
1 KB
Image
General
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-instagram.9cffda69.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc14cdfe6bcd8ec72e4351948303d530a0f2c304e8f9c726c6632c67591180c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
12322440
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=ZZvnwi0pCezlOySK.JdVol1xbyFAHghnXil7xzvvKBU-1641639877-0-Ac0_wX3Ogn5Jt0gjQ3yTX5B6GYy2gw_TjVu8MRG770poRR3IA4_p513MRyequ6USPg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
WNBR09HKKKZNC0VV
x-amz-id-2
FEIy/dqIycRVtuYAlOlUZM4QdqFJ5de00vjqPQGaFiI2yKecoWMuh+JXfoxpR5oHllxzajpf+YM=
last-modified
Sat, 12 Sep 2020 12:47:36 GMT
server
cloudflare
etag
W/"9cffda69e3b939e7b5a45ee82646447a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-version-id
Moy356rWzT3zapB3yVTs8JdXymOrXri5
cf-ray
6ca4f234682f59cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
fd-twitter.2ff47730.svg
s3.forcloudcdn.com/assets/fd-shared/icons/
558 B
832 B
Image
General
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-twitter.2ff47730.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be490d3fb5c10d7c74d2f9da742d81cf8138b4e7ee5e2479974e0675335fd5e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
6412378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FPV8RCDX7GDXVZW8
x-amz-id-2
sbk/gvxPsIJ6vXOcG9CdNenVBEv8+cJUiX+TPLYNw/2wC9KwhX9YG8eL8IyJx1cs1Rf5LiAkbp0=
last-modified
Sat, 12 Sep 2020 12:47:37 GMT
server
cloudflare
etag
W/"2ff477306484ebaf4209800788dca7f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-version-id
dMConmBMuXHnDvPbd2QrwmMqCTbPrO_J
cf-ray
6ca4f234683059cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
fd-youtube.7ac04726.svg
s3.forcloudcdn.com/assets/fd-shared/icons/
450 B
779 B
Image
General
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-youtube.7ac04726.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324997cccef64b8971a628a6f793952cc55c0e98f3f83f4dcc628b2624d0aca1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3125732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
9SR0AHBEMK6DAHHB
x-amz-id-2
1E5tchKPC2BSqA7bMC3n0/oE8H2mm+cQcOBqDY3xcMSBcJdbUlVAY12TOTOFLQXZFmYiurPoG7M=
last-modified
Sat, 12 Sep 2020 12:47:38 GMT
server
cloudflare
etag
W/"7ac04726c25f9f7144ec449dc5aee06d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-version-id
RmqbWX9DhWQDf9a8d27ORJ_yfft.cSzm
cf-ray
6ca4f234683159cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
fd-linkedin.158451f5.svg
s3.forcloudcdn.com/assets/fd-shared/icons/
430 B
780 B
Image
General
Full URL
https://s3.forcloudcdn.com/assets/fd-shared/icons/fd-linkedin.158451f5.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65c0e88ae6a08250d4f9579c709dfcd52ecbb200044d14b61bf8681dd17e9c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:37 GMT
content-encoding
br
cf-cache-status
HIT
age
3125732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
9SRB0KBFQNPR1498
x-amz-id-2
p10WaGgHIJwdUVvZQALuUknL8UF0MmTKbjC05D0QqiWc8apFAMWClmG3Ff4vLx7sSwoAoNqYK24=
last-modified
Sat, 12 Sep 2020 12:47:37 GMT
server
cloudflare
etag
W/"158451f54a5ace1511f7a5c122cfad06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-amz-version-id
I.ESj.F8p9hjPVCrjAQvdvcJ6g4LJMKe
cf-ray
6ca4f234683259cb-MXP
expires
Sun, 08 Jan 2023 11:04:37 GMT
1
gw.fordeal.com/gw/dwp.pandora.search/
141 KB
14 KB
XHR
General
Full URL
https://gw.fordeal.com/gw/dwp.pandora.search/1?data=%7B%22fcid%22%3A130000036%2C%22code%22%3A%22category_search%22%2C%22page%22%3A1%2C%22pageSize%22%3A50%7D&gw_ver=1&ct=1641639877877&plat=pc&appname=fordeal&sign=957fefe3bac8973504e6faa0050197d5
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46890b3a985c709e9cb3c3e5cd5ea9e3f71b9a71716ebcd50db7f9c40f1c7863
Security Headers
Name Value
X-Frame-Options ALLOW-FROM https://www.snapchat.com

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

gw-trace-sampling
0
date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
access-control-max-age
3600
service-rt
68
gw-code
1001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gw-trace-id
0.295c2970bb3e403281eab60da6c43159.29.16416398779374301
s_timestamp
1641639878
server
cloudflare
x-frame-options
ALLOW-FROM https://www.snapchat.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
gw-rt
74
access-control-expose-headers
GW-ST,GW-Code,gw-set-cookie,GW-RT,Service-RT,gw-trace-id
cache-control
no-cache
access-control-allow-credentials
true
real-server
pandora-6f569599dc-5cm98
gw-st
1641639878012
cf-ray
6ca4f234ebc6e907-MXP
access-control-allow-headers
Content-Type,X-XSRF-TOKEN,sign,appname,plat,ct,gw_ver,gw-ver,gw-did,web-gw-did,web-id,f-g,Authorization,self-referer,gw-origin,gw-cookie-domain,gw-user-group,resp-body-json-strict
front-end-https
on
identity.js
connect.facebook.net/signals/plugins/
64 KB
20 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
GsxVk72JPdCVCyB+QvK4BmVziFS7EeYRsxLP2uiNZ5LCIQmQICZkH9N3OmVpDijqX8k159ddtnkivV1iiO7Veg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 08 Jan 2022 11:04:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
171574500264944
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/171574500264944?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27f42bf75a3db1daa97cea8e007e17ab63be78c94fbbc68d468507f366f7b4a5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88914
x-xss-protection
0
pragma
public
x-fb-debug
baeqKWVkWhcdKDYZPnfPB7blSsCdHxUDNzV/7/7s4U3PhXSzIczs9zT8WgA2iQ7Wy/6pvgh4fzA+E6YzqoKzLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 08 Jan 2022 11:04:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
7cbb5c9a351e2f7c6e70b71b18fa0feba2b6c85f7c8e1231eeee6809bec4c611ac7f4bca621154eed1f741d5a670
cdn9.forter.com/vchk2/v1/
Redirect Chain
  • https://cdn9.forter.com/vchk2
  • https://cdn9.forter.com/vchk2/v1/7cbb5c9a351e2f7c6e70b71b18fa0feba2b6c85f7c8e1231eeee6809bec4c611ac7f4bca621154eed1f741d5a670
0
322 B
XHR
General
Full URL
https://cdn9.forter.com/vchk2/v1/7cbb5c9a351e2f7c6e70b71b18fa0feba2b6c85f7c8e1231eeee6809bec4c611ac7f4bca621154eed1f741d5a670
Protocol
H2
Server
13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-116.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
private, s-maxage=0, proxy-revalidate
timing-allow-origin
*
x-amz-cf-id
saT7eQH7789F6Rdp9zZ5-TjrAWnuHSta4PCZv99Ig-Og3N7KY8l4PA==

Redirect headers

date
Sat, 08 Jan 2022 11:04:38 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
location
https://cdn9.forter.com/vchk2/v1/7cbb5c9a351e2f7c6e70b71b18fa0feba2b6c85f7c8e1231eeee6809bec4c611ac7f4bca621154eed1f741d5a670
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
private, s-maxage=0, proxy-revalidate
timing-allow-origin
*
x-amz-cf-id
mKRyS8pO34JE7OfKshD2BydojA5k4wFWDhWJGP_PFEp7vcxjdBw13g==
130656bf-d426-4b54-8d16-47d2560e7b34
https://www.fordeal.com/
12 KB
0
Other
General
Full URL
blob:https://www.fordeal.com/130656bf-d426-4b54-8d16-47d2560e7b34
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ada79a46aeadda85ba348d8a3a80318e43af8b888818957a5b4be6431b8606c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
11959
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-94012617-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-444294338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
359dad42870ff14d53a93122e642dc046b8270164fa97981b382be6edd325e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36387
x-xss-protection
0
expires
Sat, 08 Jan 2022 11:04:38 GMT
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-342693756&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-444294338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7c6a97e52ed99a5b098076659b8b9c1eb613465f9d492ee797f7500ce35f699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39641
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Jan 2022 11:04:38 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-94012617-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
212
date
Sat, 08 Jan 2022 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 08 Jan 2022 13:01:06 GMT
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-444294338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14724
x-xss-protection
0
server
cafe
etag
224124413464385116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 08 Jan 2022 11:04:38 GMT
js
www.googletagmanager.com/gtag/
135 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-444294338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0be42f85d8b3444c86a5c236bf769ecc2098b0c4e81ac9ff69e009f9a0acb02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51575
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Jan 2022 11:04:38 GMT
js
www.googletagmanager.com/gtag/
165 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZYY0PYZ6WZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-444294338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2dbb77273f19913eaec96accf4aec3f7ddb1d5dec77b8fe4d76b92af047ceda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62496
x-xss-protection
0
expires
Sat, 08 Jan 2022 11:04:38 GMT
prop.json
24619d37cd514d9db5fdb6ddf89f1045-b1c895c26dcd.cdn.forter.com/
2 B
623 B
Ping
General
Full URL
https://24619d37cd514d9db5fdb6ddf89f1045-b1c895c26dcd.cdn.forter.com/prop.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-25-89.compute-1.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 08 Jan 2022 11:04:38 GMT
Connection
close
Content-Length
2
Pragma
no-cache
Last-Modified
Fri, 31 Dec 2021 12:05:43 GMT
Server
Apache
ETag
"2-5d46ffd896446"
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.fordeal.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type, x-csrf-token
Expires
Wed, 11 Jan 1984 05:00:00 GMT
3b548113-03fe-46d8-9069-12461698615c-800x800.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
17 KB
17 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/3b548113-03fe-46d8-9069-12461698615c-800x800.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495f990a36e0c299afc13d0254b6418ad79638ee00f41d046f3c3a636f22ffa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
37032
cf-polished
origSize=17189, status=vary_header_present
x-cache-status
MISS
last-modified
Fri, 07 Jan 2022 03:56:23 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366d9e59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
d665f4e7-4e62-4376-b8d5-51f3a570f351-800x800.jpg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
12 KB
13 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/d665f4e7-4e62-4376-b8d5-51f3a570f351-800x800.jpg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d423d640d6c33809c52e540199c884da353cd99bca9216a045d38f02d1e33ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
37032
cf-polished
origSize=12962, status=vary_header_present
x-cache-status
MISS
last-modified
Sat, 28 Aug 2021 09:31:03 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366da559cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
e45da6fc-aa74-4a77-83b8-fd6dabbe7b3b-1000x1000.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
12 KB
13 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/e45da6fc-aa74-4a77-83b8-fd6dabbe7b3b-1000x1000.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e6079753c39c13e8ff83df22f91015d54d2ee14e4d53d0ae0dbda9667d8c88f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
1210609
cf-polished
origSize=12540, status=vary_header_present
x-cache-status
MISS
last-modified
Mon, 25 Oct 2021 07:10:08 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366da859cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
514ede55-0357-4142-9722-7e1738a342f3-800x800.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
18 KB
18 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/514ede55-0357-4142-9722-7e1738a342f3-800x800.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86431572a98c34edf49a808a0dd35cccc6fee3144125e74e1d667b072ae477b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
cf-polished
origSize=18401, status=vary_header_present
x-cache-status
MISS
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=YW6HPgcNW_KZNVTDjLw_zykG5Qb8fE1Vl1eHwKdy4fA-1641639878-0-ARqMqSiFmeqNQFrQPRYCh1sIraHCR958k42nBjAbHK3hj3NxtSLDffwE8keMpy4CZg
last-modified
Thu, 06 Jan 2022 06:29:21 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366daa59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
2ad06299-2fe1-4f2f-9ae8-f081404afd24-800x800.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
10 KB
11 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/2ad06299-2fe1-4f2f-9ae8-f081404afd24-800x800.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8248553c4d6b000ad43a6356aeeaf097ed2056d4e0617b36995ccfc846303234

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
52417
cf-polished
origSize=10595, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 12:35:41 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366dae59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
32447171-4b62-4501-a8cf-7afd4a66cbf1-151x151.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
11 KB
11 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/32447171-4b62-4501-a8cf-7afd4a66cbf1-151x151.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e21154aff34d199f4a60c9dafefe4a46571e14b78a899df38857a422b6bfa4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
8049289
cf-polished
origSize=11205, status=vary_header_present
x-cache-status
MISS
last-modified
Sun, 19 Sep 2021 01:54:55 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366daf59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
e1b12d4a-792a-43b1-ac06-c589c66b2257-164x202.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
7 KB
7 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/e1b12d4a-792a-43b1-ac06-c589c66b2257-164x202.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9f7b6c7fd2c1ec925cdd683992e93e30300123cafd226d5e0e6eed7e86b178

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
1183909
cf-polished
origSize=7344, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 07:19:47 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2366db459cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
584892c2-3dd7-4912-927f-f60749f42290-135x194.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
7 KB
8 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/584892c2-3dd7-4912-927f-f60749f42290-135x194.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bded4716b0e8b248d223497c92a22af40d8cfea38fc447e3d662f69cf30bfcee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
5249861
cf-polished
origSize=7698, status=vary_header_present
x-cache-status
MISS
last-modified
Mon, 25 Oct 2021 05:48:25 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dbd59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
f19c5d0e-fa12-4f37-8263-983e9ddcb825-150x200.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
10 KB
11 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/f19c5d0e-fa12-4f37-8263-983e9ddcb825-150x200.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29e494f4484d79747e6128553cbfd9247bf514f2100900cfea8064d76ff5c18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
1183024
cf-polished
origSize=10552, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 08:04:52 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dc259cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
711a0817-fedb-463b-84d8-bf25cc6309a1-168x240.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
9 KB
9 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/711a0817-fedb-463b-84d8-bf25cc6309a1-168x240.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9922cd1d3f7756afbb5a2455c69704b4f3f419a53ccd743e60797a790fe560

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
608627
cf-polished
origSize=9244, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 07:26:21 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dc659cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
006f91f019d7ccf2445ddaa15f4625d3.jpg_225f1.jpg
s4.forcloudcdn.com/merchant/upload/
5 KB
6 KB
Image
General
Full URL
https://s4.forcloudcdn.com/merchant/upload/006f91f019d7ccf2445ddaa15f4625d3.jpg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0931461665398bc768cffcb1d16dbcc3dbd1e196612417ae09fd4f2448a242

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
8218066
cf-polished
origSize=5783, status=vary_header_present
x-cache-status
MISS
last-modified
Thu, 30 Sep 2021 16:09:10 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dca59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
54a68bd9-9daf-4039-b801-3e53dfcb1254-136x188.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
10 KB
11 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/54a68bd9-9daf-4039-b801-3e53dfcb1254-136x188.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4241c3be1d95d547e8f7a1c515a63d8c33bff22d5f36cc931a0172c611ffd993

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
65903
cf-polished
origSize=10829, status=vary_header_present
x-cache-status
MISS
last-modified
Thu, 04 Nov 2021 05:27:28 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dce59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
a6c7c827-dc38-40cf-9657-99338ce9ddb3-1500x1500.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
4 KB
5 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/a6c7c827-dc38-40cf-9657-99338ce9ddb3-1500x1500.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc42406066e608be1a692a7965caaae31fa77f5a1569a64b258b4bb77dd8e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
65939
cf-polished
origSize=4742, status=vary_header_present
x-cache-status
MISS
last-modified
Sun, 26 Sep 2021 05:19:04 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dd259cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
0b482284-cd7b-4ee7-8b95-5db04b30eded-1000x1000.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
10 KB
11 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/0b482284-cd7b-4ee7-8b95-5db04b30eded-1000x1000.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7953000b08221adcb495c71d12f7366ad40c6b45209fb5dc2f805019cab8179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
46717
cf-polished
origSize=10821, status=vary_header_present
x-cache-status
MISS
last-modified
Fri, 07 Jan 2022 13:20:02 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dd559cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
a968fdfb-d950-4037-8647-4e9d35ebcb4f-600x600.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
5 KB
6 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/a968fdfb-d950-4037-8647-4e9d35ebcb4f-600x600.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c81906b9052644ddc4c0169c5a7edfc7f8fa06fe1db24eb4eca54b18ef9545

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
1183024
cf-polished
origSize=5794, status=vary_header_present
x-cache-status
MISS
content-security-policy-report-only
script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=CJbOfj6zHs1ZzKwaThSBzOeQ7jgipIpoKW8oPuop9n4-1641639878-0-AV2l2ZFoyjo4m3AOlp1dlIECrxOQ2yGjRwLCgQxKJnh1CK3ByMp1Q7VHKG3aWtTk7Q
last-modified
Mon, 25 Oct 2021 06:16:08 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dd659cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
ccea5b67-e584-4968-86c9-36c027c75322.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
12 KB
12 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/ccea5b67-e584-4968-86c9-36c027c75322.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c12a88d7b4cfb92842d567e49cb826b9bfef088bfbc456f647aed82f0af5b1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
174340
cf-polished
origSize=12062, status=vary_header_present
x-cache-status
HIT
last-modified
Tue, 04 Jan 2022 06:16:12 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dd959cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
0e3d5f4b-e588-416d-9ec5-bf6aa0cd0969-320x320.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
8 KB
9 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/0e3d5f4b-e588-416d-9ec5-bf6aa0cd0969-320x320.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160f1b073a056a07510696af3ebc661fb977bab2428ce25872f54b9c885783a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
1118994
cf-polished
origSize=8560, status=vary_header_present
x-cache-status
MISS
last-modified
Thu, 04 Nov 2021 01:42:25 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dde59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
ffd92953-f343-4256-8ff5-15138512caa3-800x800.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
7 KB
8 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/ffd92953-f343-4256-8ff5-15138512caa3-800x800.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36fdfe099af3cd4b930872e5d7cab7cb71f2d49c83eb2c5fa58082d92897fe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
65906
cf-polished
origSize=7690, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 09:27:07 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367de259cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
125d8ed8-a2dd-40a6-bdc6-bb60e49f09b3-800x800.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
10 KB
10 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/125d8ed8-a2dd-40a6-bdc6-bb60e49f09b3-800x800.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5816c6e0923ba8722d527e07d4144d7ec707d9cf7f942d4f47afcca03f3ad683

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
164135
cf-polished
origSize=10046, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 26 Oct 2021 09:22:12 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367de559cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
980eb06161adea6f29f987073eb03aeb.jpg_225f1.jpg
s4.forcloudcdn.com/merchant/upload/
6 KB
6 KB
Image
General
Full URL
https://s4.forcloudcdn.com/merchant/upload/980eb06161adea6f29f987073eb03aeb.jpg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bacf99345da0e49f0e4816550fdac137912819467ee8d28ff9cfb94417aa9c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
174340
cf-polished
origSize=6335, status=vary_header_present
x-cache-status
MISS
last-modified
Wed, 05 Jan 2022 20:12:14 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367de859cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
a3446437-ea68-46b5-afff-0e0cc259f3a8-230x300.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
6 KB
6 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/a3446437-ea68-46b5-afff-0e0cc259f3a8-230x300.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea5097184352e2dea7b080c88443e185f2de22e035e26542d4bd827104a1bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
403182
cf-polished
origSize=6381, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 28 Dec 2021 15:59:28 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367de959cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
588711c4-37f4-49ff-aef7-9178397ff082-248x300.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
7 KB
7 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/588711c4-37f4-49ff-aef7-9178397ff082-248x300.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af432d4595e067a1f7b0111445febd2e31c9b0c1f38229e30489eb711816e223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
173511
cf-polished
origSize=7160, status=vary_header_present
x-cache-status
MISS
last-modified
Thu, 06 Jan 2022 01:54:30 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367deb59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
aafb8e87-e6ab-4a4d-8c24-8899d6801b6f-500x500.jpeg_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
11 KB
12 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/aafb8e87-e6ab-4a4d-8c24-8899d6801b6f-500x500.jpeg_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f556d1c88cb08276e39be50d01e2a3e3d5e7493f8a30c8274d55d0b0edd873

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
852140
cf-polished
origSize=11762, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 28 Dec 2021 15:11:00 GMT
web
aws-ir1-front-cdnsrc-031095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367dec59cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
e8f860dc-570e-4e07-85b0-96fd7e024603-150x131.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
8 KB
8 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/e8f860dc-570e-4e07-85b0-96fd7e024603-150x131.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39376e4ebc8a7332a778c1060aa48902119c512f42f2b70641bb1bc60293fde8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
163798
cf-polished
origSize=8304, status=vary_header_present
x-cache-status
MISS
last-modified
Tue, 04 Jan 2022 05:45:20 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367df059cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
3ebfcfa7-aec0-4756-aa23-6af99765c301-136x155.gif_225f1.jpg
s4.forcloudcdn.com/item/images/dmc/
9 KB
9 KB
Image
General
Full URL
https://s4.forcloudcdn.com/item/images/dmc/3ebfcfa7-aec0-4756-aa23-6af99765c301-136x155.gif_225f1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb467b02703a81f0077b5a846ed907d6c4d909edb94e5e04de97dd3dc07aa7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
cf-cache-status
HIT
age
174340
cf-polished
origSize=9050, status=vary_header_present
x-cache-status
MISS
last-modified
Thu, 18 Nov 2021 10:57:18 GMT
web
aws-ir1-front-cdnsrc-017149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
6ca4f2367df359cb-MXP
expires
Sun, 08 Jan 2023 11:04:38 GMT
1232841863581518
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1232841863581518?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c41644ce7bca99d35c4e799040eec6a13090d15569987709d80d67843779cb08
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Egob4J68m2q/+SdYUauBykAUaMSgqhNoX9qdYnjSJ5eIpskFr64+1/0xlivsECT7YZVKfsVvd/A3YROfbpJwsQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 08 Jan 2022 11:04:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1244286228&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&ul=en-us&de=UTF-8&dt=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=865922165&gjid=1818460971&cid=1335259949.1641639878&tid=UA-94012617-7&_gid=775561050.1641639878&_r=1&gtm=2ou150&z=68930446
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/342693756/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/342693756/?random=1641639878288&cv=9&fst=1641639878288&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97131d4d8c78dcc784d1aba321c1ad91ac5aba35f8896233914f5ac29be975b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/444294338/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/444294338/?random=1641639878292&cv=9&fst=1641639878292&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=592230570&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d9b0093d7a235ef8238979b1e883d0d85f098bd424e52d75cc9f9ab0b86dbb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1124
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
38 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-927470498&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14724
x-xss-protection
0
server
cafe
etag
224124413464385116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 08 Jan 2022 11:04:38 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZYY0PYZ6WZ&gtm=2oe150&_p=1244286228&sr=1600x1200&ul=en-us&cid=1335259949.1641639878&_s=1&dl=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&dt=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&sid=1641639878&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZYY0PYZ6WZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-94012617-7&cid=1335259949.1641639878&jid=865922165&gjid=1818460971&_gid=775561050.1641639878&_u=YEBAAUAAAAAAAC~&z=1294290725
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 08 Jan 2022 11:04:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.fordeal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/342693756/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/342693756/?random=1641639878288&cv=9&fst=1641639600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&async=1&fmt=3&is_vtc=1&random=2215292918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/342693756/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/342693756/?random=1641639878288&cv=9&fst=1641639600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&async=1&fmt=3&is_vtc=1&random=2215292918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/444294338/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/444294338/?random=1641639878292&cv=9&fst=1641639600000&num=1&bg=ffffff&guid=ON&eid=592230570&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&async=1&fmt=3&is_vtc=1&random=3510453825&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/444294338/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/444294338/?random=1641639878292&cv=9&fst=1641639600000&num=1&bg=ffffff&guid=ON&eid=592230570&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&async=1&fmt=3&is_vtc=1&random=3510453825&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/927470498/?random=1641639878375&cv=9&fst=1641639878375&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cf804401b235a5e0417a8bdd35aeb3d4df795b958ca00dda7057cceb34a8908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-94012617-7&cid=1335259949.1641639878&jid=865922165&_u=YEBAAUAAAAAAAC~&z=1243679702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-94012617-7&cid=1335259949.1641639878&jid=865922165&_u=YEBAAUAAAAAAAC~&z=1243679702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/927470498/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/927470498/?random=1641639878375&cv=9&fst=1641639600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&async=1&fmt=3&is_vtc=1&random=545842360&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/927470498/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/927470498/?random=1641639878375&cv=9&fst=1641639600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&tiba=Fordeal%20-%20Online-Shopping%20in%20Deutschland%20f%C3%BCr%20Mode%2C%20Elektronik%2C%20Bekleidung%2C%20Computer%2C%20Lebensmittel%20%26%20mehr%20%7C%20Fordeal.com&async=1&fmt=3&is_vtc=1&random=545842360&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 08 Jan 2022 11:04:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
407 B
Image
General
Full URL
https://www.facebook.com/tr/?id=171574500264944&ev=PageView&dl=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&rl=&if=false&ts=1641639878472&cd[content_type]=product&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641639878471.2009993920&it=1641639877950&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 08 Jan 2022 11:04:38 GMT
/
www.facebook.com/tr/
44 B
212 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232841863581518&ev=PageView&dl=https%3A%2F%2Fwww.fordeal.com%2Fde-DE%2F&rl=&if=false&ts=1641639878475&cd[content_type]=product&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641639878471.2009993920&it=1641639877950&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 11:04:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 08 Jan 2022 11:04:38 GMT
prop.json
cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/
20 B
359 B
XHR
General
Full URL
https://cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/prop.json?_=1641639878899
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-108-33.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 Jan 2022 11:04:39 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.fordeal.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
/
www.facebook.com/tr/ Frame 7A88
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Sat, 08 Jan 2022 11:04:39 GMT
/
www.facebook.com/tr/ Frame F7FE
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.fordeal.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Sat, 08 Jan 2022 11:04:39 GMT
dotMets
client-metrics.fordeal.com/api/ Frame
0
0
Preflight
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 08 Jan 2022 11:04:39 GMT
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
front-end-https
on
x-envoy-upstream-service-time
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ca4f23d7a1c3748-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dotMets
client-metrics.fordeal.com/api/ Frame
0
0
Preflight
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 08 Jan 2022 11:04:39 GMT
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ca4f23d7a193748-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dotMets
client-metrics.fordeal.com/api/
32 B
448 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Jan 2022 11:04:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6ca4f23dfac7e907-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dotMets
client-metrics.fordeal.com/api/
32 B
489 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Jan 2022 11:04:39 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
cf-ray
6ca4f23dfacae907-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
prop.json
cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/
20 B
359 B
XHR
General
Full URL
https://cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/prop.json?_=1641639879315
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-108-33.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 Jan 2022 11:04:39 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.fordeal.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
prop.json
cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/
20 B
359 B
XHR
General
Full URL
https://cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/prop.json?_=1641639879510
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-108-33.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.fordeal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 08 Jan 2022 11:04:39 GMT
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.fordeal.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Expires
-1
wpt.json
cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/
20 B
416 B
XHR
General
Full URL
https://cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/wpt.json
Requested by
Host:
URL: (program):2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-108-33.compute-1.amazonaws.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 08 Jan 2022 11:04:39 GMT
ETag
W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.fordeal.com
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
20
Expires
-1
wpt.json
cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/ Frame
0
0
Preflight
General
Full URL
https://cdn0.forter.com/b1c895c26dcd/24619d37cd514d9db5fdb6ddf89f1045/wpt.json
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-108-33.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type
Content-Length
0
Date
Sat, 08 Jan 2022 11:04:39 GMT
Connection
keep-alive
dotData
dot.fordeal.com/api/
32 B
489 B
XHR
General
Full URL
https://dot.fordeal.com/api/dotData
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 08 Jan 2022 11:04:40 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
cf-ray
6ca4f242eacae907-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
dotMets
client-metrics.fordeal.com/api/
32 B
489 B
XHR
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Requested by
Host: s4.forcloudcdn.com
URL: https://s4.forcloudcdn.com/-/libs/vue/2.6.14/vue.runtime.min.js,libs/vuex/3.4.0/vuex.min.js,libs/axios/0.18.0/axios.min.js,libs/js-cookie/2.2.0/src/js.cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1591 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.fordeal.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Jan 2022 11:04:40 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
cf-ray
6ca4f246c926e907-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
front-end-https
on
dotMets
client-metrics.fordeal.com/api/ Frame
0
0
Preflight
General
Full URL
https://client-metrics.fordeal.com/api/dotMets
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1491 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.fordeal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 08 Jan 2022 11:04:40 GMT
access-control-allow-origin
https://www.fordeal.com
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, x-token, Authorization, x-xsrf-token
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
front-end-https
on
x-envoy-upstream-service-time
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ca4f2464a4f5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| FD_ERROR_QUE string| F_PLAT object| F_CONFIG object| F_DATA function| Vue object| Vuex function| axios function| Cookies object| F function| EventEmitter object| webpackJsonp object| Popper number| ftr__startScriptLoad function| fbq function| _fbq object| dataLayer function| gtag object| ftr__ext function| ftr__ object| ftr__scriptLoadOptions object| ftr__bufferW object| ftr__JSON3 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady

17 Cookies

Domain/Path Name / Value
.fordeal.com/ Name: lan
Value: de
.fordeal.com/ Name: region
Value: DE
.fordeal.com/ Name: gw-did
Value: web_668bdc8079f647ee9841704fcc5f46bb
.fordeal.com/ Name: cur
Value: EUR
.fordeal.com/ Name: system
Value: pc
.fordeal.com/ Name: has_uuid
Value: true
.fordeal.com/ Name: timezone
Value: +3
.fordeal.com/ Name: uuid
Value: web_h5_8dadf0811ea34fcf92d9af9daa7d19f8
.fordeal.com/ Name: forterToken
Value: 24619d37cd514d9db5fdb6ddf89f1045_1641639877608__UDF43_13ck
.fordeal.com/ Name: _gcl_au
Value: 1.1.296782712.1641639878
.fordeal.com/ Name: _gid
Value: GA1.2.775561050.1641639878
.fordeal.com/ Name: _gat_gtag_UA_94012617_7
Value: 1
.fordeal.com/ Name: _ga_ZYY0PYZ6WZ
Value: GS1.1.1641639878.1.0.1641639878.0
.fordeal.com/ Name: _ga
Value: GA1.1.1335259949.1641639878
.doubleclick.net/ Name: IDE
Value: AHWqTUkIpseWf641DpHJBm1ZaRc57X3gHIWkLANLf76pI71IIjHqqjfuv2becP6D
.fordeal.com/ Name: _fbp
Value: fb.1.1641639878471.2009993920
.facebook.com/ Name: fr
Value: 0whcMGkjfMadoZ3Fl..Bh2W_G...1.0.Bh2W_G.

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24619d37cd514d9db5fdb6ddf89f1045-b1c895c26dcd.cdn.forter.com
b1c895c26dcd.cdn4.forter.com
cdn0.forter.com
cdn9.forter.com
client-metrics.fordeal.com
connect.facebook.net
dot-hub-x.fordeal.com
dot.fordeal.com
googleads.g.doubleclick.net
gw.fordeal.com
s3.forcloudcdn.com
s4.forcloudcdn.com
stats.g.doubleclick.net
www.facebook.com
www.fordeal.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.193.116
13.225.80.51
142.250.185.98
2606:4700::6812:1491
2606:4700::6812:1591
2606:4700::6812:18c9
2a00:1450:4001:802::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.234.25.89
54.243.108.33
01d536e43877d77f649394356cbc4866707bfce88268b55ffce113a9e7dabc2f
09ecbd39bd63854d3b1450c8d55e97e4ad144f80dc32100eb116a98c0c2b2c4e
0c12a88d7b4cfb92842d567e49cb826b9bfef088bfbc456f647aed82f0af5b1e
0d423d640d6c33809c52e540199c884da353cd99bca9216a045d38f02d1e33ab
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1600bf16a821098b0cfb481fc0e6d8440b1c0c0828623a27ceb8b6193d1b5eb6
160f1b073a056a07510696af3ebc661fb977bab2428ce25872f54b9c885783a5
16bf9c39f09d222a5aa5caa8698265321292099634720a0d5de5cffb89694d5c
1923f0c4d1fab0d6b8b38acdb3565258aaf46e0f5d363e4f97224db3253516f9
1ada79a46aeadda85ba348d8a3a80318e43af8b888818957a5b4be6431b8606c
1d9b0093d7a235ef8238979b1e883d0d85f098bd424e52d75cc9f9ab0b86dbb8
1e0931461665398bc768cffcb1d16dbcc3dbd1e196612417ae09fd4f2448a242
1e6079753c39c13e8ff83df22f91015d54d2ee14e4d53d0ae0dbda9667d8c88f
22d8addd31f34301b9f80e455513a42fcf7fba428d353746eeb1d72d5f6e1a13
27f42bf75a3db1daa97cea8e007e17ab63be78c94fbbc68d468507f366f7b4a5
2968b84236601b509087318e3cf490a9c5f96d9f4dd32d1ca744f45522fbd26c
2a74c61b630814919f8274bbf0a81941b6c5efaa1fdc328dd76c79277ff24745
2dbb77273f19913eaec96accf4aec3f7ddb1d5dec77b8fe4d76b92af047ceda9
324997cccef64b8971a628a6f793952cc55c0e98f3f83f4dcc628b2624d0aca1
3348e08f8e2a46d182d88b21acf8fc24504d19a299786a3d865a87d6e3066d5c
33f556d1c88cb08276e39be50d01e2a3e3d5e7493f8a30c8274d55d0b0edd873
359dad42870ff14d53a93122e642dc046b8270164fa97981b382be6edd325e76
39376e4ebc8a7332a778c1060aa48902119c512f42f2b70641bb1bc60293fde8
3a302905c6c25ac577c155c0cbca23501b5b0f2c29935e4519a7530ebdc1abc8
3c44d9734132ab65cfffeb0bb7b50d808c5f08650cd73bb3d645550f90dcbd2e
3cf804401b235a5e0417a8bdd35aeb3d4df795b958ca00dda7057cceb34a8908
3e21154aff34d199f4a60c9dafefe4a46571e14b78a899df38857a422b6bfa4b
4241c3be1d95d547e8f7a1c515a63d8c33bff22d5f36cc931a0172c611ffd993
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4489d7f9b2cda79b8237370d6b366e03be68a04aa279b8a144dc42256b9d5dd2
46890b3a985c709e9cb3c3e5cd5ea9e3f71b9a71716ebcd50db7f9c40f1c7863
46fbed830d946069ffc66da5a411c76d51df0ec9ba7056ab091a21782acd18a3
495f990a36e0c299afc13d0254b6418ad79638ee00f41d046f3c3a636f22ffa2
5816c6e0923ba8722d527e07d4144d7ec707d9cf7f942d4f47afcca03f3ad683
5933e6c796edd38cc2b4375f1018d7aea4657afc6868581c8e1443633eda7f74
691fdb3ec360ddcc33e464741c04035ac65093e9f1ee8d95a4366d84ea454d10
69a066768537ea861b3418084e6bb16e3660938019fd0abcc4adc76db16b8d43
6b4a7ad1aec329554dec81a4d4997137a67f4b523a5f0d575b3c4c8d27940185
6d15dab70bbb94fbd475f92e4842f995d300e6757052606cfe6595f24fda2549
7ba2c86e482f6eca77cc55e849115289703aaeb19e62650dd8e3e2b32996218b
7bacf99345da0e49f0e4816550fdac137912819467ee8d28ff9cfb94417aa9c5
7cf2f2b2356410b0b711aba2c83ae2c27cb3ffaa3049caf5a62368ca829fc97a
81354a8cad2e7e1dd032b3f3f62099d9b2a2ff97dd2a82c0eef9a4dd7d02d8aa
8248553c4d6b000ad43a6356aeeaf097ed2056d4e0617b36995ccfc846303234
83c81906b9052644ddc4c0169c5a7edfc7f8fa06fe1db24eb4eca54b18ef9545
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e4fb6b45eaab42347fcc2e5a33a2d1cdbab61b97d3a4bf7fb7dc028985017b
86431572a98c34edf49a808a0dd35cccc6fee3144125e74e1d667b072ae477b6
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
97131d4d8c78dcc784d1aba321c1ad91ac5aba35f8896233914f5ac29be975b4
9b589da3564ff466a943cae463999afd5426258c08e70f1f28cd84f1010c117f
9b9922cd1d3f7756afbb5a2455c69704b4f3f419a53ccd743e60797a790fe560
a0e071442ca3d3d29cca3f254fa6287e40efe941cf4aaf269d02f5af4318bb54
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a487790e4892450950c5c1b65d0fb9d0de84ae718044504d004044e6ded8be04
a57a3c075dc5d80c5626e963e748fb761599b41f3b032dea01f4c80ad516317f
a76a16dac3c86ca1c9a6df18e38540114af419cc8600894319f1ed95f641ab17
abd104039a74f86c60c1561a3eef0c7e595ae574450fe83db4fa4be97a9cd462
acc42406066e608be1a692a7965caaae31fa77f5a1569a64b258b4bb77dd8e8a
ad607def4a1e01e650bc103b01b54468062350aa869882d0ecc11ab2e2eea839
af432d4595e067a1f7b0111445febd2e31c9b0c1f38229e30489eb711816e223
b0be42f85d8b3444c86a5c236bf769ecc2098b0c4e81ac9ff69e009f9a0acb02
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3413c69c74d43a07eebafb7f897d130b6f5c13666e8ab1d90a21d545e46bbb3
b3dc11b0b3e1511dcb3952ce0650c9a5832db1d6390bc30c2e020e5da32868a1
b6f4291eb50023de8c39efe11506c7080d8bc99b9761bcc62cf09110f0cfa4ce
bdb467b02703a81f0077b5a846ed907d6c4d909edb94e5e04de97dd3dc07aa7d
bded4716b0e8b248d223497c92a22af40d8cfea38fc447e3d662f69cf30bfcee
be490d3fb5c10d7c74d2f9da742d81cf8138b4e7ee5e2479974e0675335fd5e5
c41644ce7bca99d35c4e799040eec6a13090d15569987709d80d67843779cb08
c4a4d33167f969c3a15858db0e93efa46c53b69668cafad85c1f6d272aa4e5d4
c7953000b08221adcb495c71d12f7366ad40c6b45209fb5dc2f805019cab8179
cc9f7b6c7fd2c1ec925cdd683992e93e30300123cafd226d5e0e6eed7e86b178
cd5ad8ead5fa7a3c18718e5a88d7ad0f465387fac1bd01dee9515260618c1a31
d0c6e973789174cc9a87a6695c2f6ef3e5d5956f4038bed7b0a40b1f295bf618
d47a49eca05ef454620df17c008276d671b33878ca5eb2f8dcd2ec5822683e84
d49fba0d26ce7f9fb0ea2cfa04ca13c34fd5bda0650f9a89af2469956f860695
d6dd5d1205e2f5995353e695fc519d00cd518d96757fb9d766ae773597b057b3
d73a3e264dfe36d2375fe577a98dfd6c415294cbc523cdc89b78b59244c51f06
d826d8c4d3f3440d8ed967311af167bd665dd5830d746a4fb982bd4384988720
d82969cefa97e790bcd90417d3685f93defb2ef60d5b30426990ad08a74b5021
dc120957e18b497fe1655ff4561d84ba437cc0f7d430fe6c2993cb0cb0f30895
dc14cdfe6bcd8ec72e4351948303d530a0f2c304e8f9c726c6632c67591180c6
dd0b581fa4743f74ed5ff88f2f9c6da29ce050e7a94cccf5b3bcc6d400080003
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e15031439e48b483ea1ad6533398904f47a0556e8a181f652dde845d6a43f677
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e7c6a97e52ed99a5b098076659b8b9c1eb613465f9d492ee797f7500ce35f699
ead370e54bce7c6bfb07855e083eda6bce3c2d4e0d57b138a77fb729d7669f73
ebb7e88b223ab17e696b4edb6095bab42731ce537b0de170eed97d0452fd02f5
ebb9bc31b7eed956ad901e0543fbfa21b7ff60b58eac79bfd0a54a46225c61e2
eea5097184352e2dea7b080c88443e185f2de22e035e26542d4bd827104a1bb6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29e494f4484d79747e6128553cbfd9247bf514f2100900cfea8064d76ff5c18
f36fdfe099af3cd4b930872e5d7cab7cb71f2d49c83eb2c5fa58082d92897fe4
f3a68392ef26b4375057ab9a08aa34c6cc0cdbf701b157925d20b3b476f34aa8
f65c0e88ae6a08250d4f9579c709dfcd52ecbb200044d14b61bf8681dd17e9c5