urlscan.io logo urlscan.io
SecurityTrails logo

www.grandfortunecampaign.com Open in urlscan Pro
104.21.50.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html#/rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045
Effective URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Submission: On October 23 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 40 HTTP transactions. The main IP is 104.21.50.143, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.grandfortunecampaign.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2021. Valid for: a year.
This is the only time www.grandfortunecampaign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.186.176 15169 (GOOGLE)
1 2 185.177.57.143 44901 (BELCLOUD)
1 191.101.232.101 61317 (ASDETUK w...)
1 1 209.172.32.161 32613 (IWEB-AS)
26 104.21.50.143 13335 (CLOUDFLAR...)
1 142.250.186.106 15169 (GOOGLE)
4 104.16.19.94 13335 (CLOUDFLAR...)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 172.67.146.112 13335 (CLOUDFLAR...)
1 172.217.23.104 15169 (GOOGLE)
2 142.250.185.78 15169 (GOOGLE)
40 11
1    142.250.186.176 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f16.1e100.net
storage.googleapis.com
2    185.177.57.143 (Bulgaria)

ASN44901 (BELCLOUD, BG)
PTR: agiuvdbcxdirh.com
jarjav.com
1    191.101.232.101 (Los Angeles, United States)

ASN61317 (ASDETUK www.heficed.com, GB)
nameluxuries.com
1    209.172.32.161 (Montreal, Canada)

ASN32613 (IWEB-AS, CA)
www.grandfortunelinks.com
26    104.21.50.143 (United States)

ASN13335 (CLOUDFLARENET, US)
www.grandfortunecampaign.com
1    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
4    104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.16.86.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    172.67.146.112 (United States)

ASN13335 (CLOUDFLARENET, US)
www.help4casino.com
1    172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net
www.googletagmanager.com
2    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
Domain Requested by
26 www.grandfortunecampaign.com nameluxuries.com
www.grandfortunecampaign.com
cdnjs.cloudflare.com
4 cdnjs.cloudflare.com www.grandfortunecampaign.com
cdnjs.cloudflare.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 jarjav.com 1 redirects storage.googleapis.com
1 www.googletagmanager.com www.grandfortunecampaign.com
1 www.help4casino.com www.grandfortunecampaign.com
1 cdn.jsdelivr.net www.grandfortunecampaign.com
1 fonts.googleapis.com www.grandfortunecampaign.com
cdnjs.cloudflare.com
1 www.grandfortunelinks.com 1 redirects
1 nameluxuries.com jarjav.com
1 storage.googleapis.com
40 11

This site contains links to these domains. Also see Links.

Domain
www.grandfortunecasino.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
nameluxuries.com
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-09 -
2022-05-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Frame ID: 15B13B4AB9775C713C5E71B6BAE76BB6
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Choose your bonus

Page URL History Show full URLs

  1. https://storage.googleapis.com/01439e9df401e2e/alinkasa.html Page URL
  2. http://jarjav.com/rd//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045 Page URL
  3. http://jarjav.com/track//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045 HTTP 302
    https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504 Page URL
  4. https://www.grandfortunelinks.com/click/25/406/4473/1?subid=621574008 HTTP 301
    https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,y... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

40
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

767 kB
Transfer

1162 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/01439e9df401e2e/alinkasa.html Page URL
  2. http://jarjav.com/rd//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045 Page URL
  3. http://jarjav.com/track//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045 HTTP 302
    https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504 Page URL
  4. https://www.grandfortunelinks.com/click/25/406/4473/1?subid=621574008 HTTP 301
    https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://jarjav.com/track//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045 HTTP 302
  • https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
alinkasa.html
storage.googleapis.com/01439e9df401e2e/ 		178 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.176 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f16.1e100.net
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/01439e9df401e2e/alinkasa.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycduknNL9-cISR3i3dPUUmOi1YRnlWOmJsuLLHZ-x7taGTwUaCqlJWlP_t0vvf2HTXQwgNHC8sapWctInxb0DBbw
expires
Sat, 23 Oct 2021 08:13:40 GMT
date
Sat, 23 Oct 2021 07:13:40 GMT
last-modified
Mon, 21 Jun 2021 16:14:48 GMT
etag
"72dacaa8278b63d31ce32cb68cf3e072"
x-goog-generation
1624292088016195
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
178
content-type
text/html
x-goog-hash
crc32c=Ck/U+w== md5=ctrKqCeLY9Mc4yy2jPPgcg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
178
server
UploadServer
age
27
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c16303ATFVf51557277TfoE3224oga2504HBjX1045
jarjav.com/rd//rd/ 		235 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
http://jarjav.com/rd//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/01439e9df401e2e/alinkasa.html
Protocol
HTTP/1.1
Server
185.177.57.143 , Bulgaria, ASN44901 (BELCLOUD, BG),
Reverse DNS
agiuvdbcxdirh.com
Software
/
Resource Hash

Request headers

Host
jarjav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Sat, 23 Oct 2021 07:14:07 GMT
Content-Length
235
51557277-3224-2504
nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/
Redirect Chain
  • http://jarjav.com/track//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045
  • https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504
132 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504
Requested by
Host: jarjav.com
URL: http://jarjav.com/rd//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
191.101.232.101 Los Angeles, United States, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
nameluxuries.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://jarjav.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://jarjav.com/rd//rd/c16303ATFVf51557277TfoE3224oga2504HBjX1045

Response headers

date
Sat, 23 Oct 2021 07:14:08 GMT
content-type
text/html; charset=UTF-8
server
Apache
set-cookie
uid3366=621574008-20211023031408-a876858cb149efbf254fd58758567505-; domain=; expires=Mon, 22-Nov-2021 07:14:08 GMT; path=/; SameSite=None; Secure
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504
Date
Sat, 23 Oct 2021 07:14:07 GMT
Content-Length
122
Primary Request /
www.grandfortunecampaign.com/landing/50-free/
Redirect Chain
  • https://www.grandfortunelinks.com/click/25/406/4473/1?subid=621574008
  • https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Requested by
Host: nameluxuries.com
URL: https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbcff57d1ec7003f1de0ae8c55eed7e621019735f93234bd05bfbcf6970a5d0

Request headers

:method
GET
:authority
www.grandfortunecampaign.com
:scheme
https
:path
/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://nameluxuries.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nameluxuries.com/0/2/9772/ba443bb199426b51e676371932af6a77/16/1045-16303/51557277-3224-2504

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; path=/ affid=5795; expires=Tue, 22-Oct-2024 07:14:09 GMT; Max-Age=94608000; path=/ trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce; expires=Tue, 22-Oct-2024 07:14:09 GMT; Max-Age=94608000; path=/
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxqg%2BTZnYqlTIpxIV0SpnRQWkHD245dn%2FCoM8QmB56uu3vWn%2BtQ0mNKhh8rm0Nhq5iv1mu9ZWA8gaC1k7CjlRzWBw7yLssPqbMmr7nCKWbY83kRaVABR63XUGbrOFxZ3FzzXwfgRsmtbz%2FBYNCm%2B"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a292ab8389c4069-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx/1.20.1
Date
Sat, 23 Oct 2021 07:14:09 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Set-Cookie
bGZMNXh2MzNDN0ZUMnRYV1dOUnRWUT09=1634973248; expires=Mon, 22-Nov-2021 07:14:08 GMT; path=/ Q2x5NC9ibWJYbGhLdXVMWnFDVEpLdz09=1634973248; expires=Mon, 22-Nov-2021 07:14:08 GMT; path=/ eResponse=Success-1; expires=Sat, 23-Oct-2021 07:14:39 GMT; path=/
Location
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Strict-Transport-Security
max-age=31536000
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
style.css
www.grandfortunecampaign.com/landing/50-free/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/style.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f708bfa223e488ff1e940156fd6a02f2350057c0c085d6d0e44903c8dd79e61

Request headers

:path
/landing/50-free/css/style.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"2746-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVii66NEFOIyyMKDqd2gSH1Gygi9gzqhE2GLx%2FxtLAdsfsXYRUFExHdXzVZICSbhk0zvwf3moWPzHkZKuvbWTchmlNtrwuzG173sj%2FTagEbUs23CTEJWOMuYG8Ej%2BGdSpXC0ma4wuMvXQRDOdqY2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab8d97a4069-CDG
expires
Sat, 20 Nov 2021 21:30:38 GMT
load.css
www.grandfortunecampaign.com/landing/50-free/css/ 		2 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/load.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77720299b5059899bed4f6fbdc585017b8b11c6f956fc636614df63251a0a42a

Request headers

:path
/landing/50-free/css/load.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"656-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOnzTsn%2BLhIVWEQIFWsU4LelVfysrp2tl8cuMz6LAGnS23mvpfF8OejO%2BCqm0FUjr87wj0zO4hebL3Z4Ul6DM8tnWCieOe3bSFY6%2FxJMta6%2Fg5Jkq7pIDb4trbMZK9zlsbb6wPpXuW%2B7j11BI0R8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab8d97b4069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/counter/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/css/style.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9afd9142b98d20ece226c8d14fe85cc19979410633ca6e58fa1d1341c6fbb89

Request headers

:path
/landing/50-free/counter/css/style.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"10c5-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCG%2BgJfkhO1uSgguDJy0Ggv7Hqfy151VZuuihDqZTOzMoNsPbJn2hNS4ItVXMu%2BnI%2B%2BHNM8jHmrJzSYKYzO82I3aIikoqRZbdJrJnDyL1dXgJVpdbHRuyr7YsWakrMths%2FZ%2F6B68Srl3xkMe8IHH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab8d97c4069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
layout.css
www.grandfortunecampaign.com/landing/50-free/popups/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/css/layout.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8baf7f080fc8c04eae5341a63177b4449380698cab88957011c1261ea693d6

Request headers

:path
/landing/50-free/popups/css/layout.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"1517-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AqqmqcouDm7evLL3xjWjLMKxAsa6y25c1zzoqF3BMvMAWuWuiA7gHbv6VB072R5JxbuV1wYXo2coz2GBXCZ6QYmM0%2FUMc60UwOymUe08GYm8kJlUC6jVjcNd0yaP2%2BTm3qQcAUvAs1JjXBv6J8P"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab8d97d4069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-897"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgeT4rtCyyEFk9LcslQ9AypHrW7egRfNB9z0bhQHDFn7UgKJXkalzH0GqPZ77g8WtcLUQNRlIr0%2FDF%2BEooMi%2FOKg7TKfgyYmO7aZgxnczAOw9wX8hJWt0eUVUUz3%2BjJxHM1b%2F1p7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a292ab90df4fadf-DUS
expires
Thu, 13 Oct 2022 07:14:09 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/sparkles/css/ 		3 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/sparkles/css/style.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8b3a057e9069acdf5b016b587c75a1bfd85d2693014dfffa37748a484164d8

Request headers

:path
/landing/50-free/sparkles/css/style.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"b2c-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy1lrUUo2YamJMoYyEBflJPsNJb9IYInHUshhP2CHV7QtU6faovVOfkYHk08I9Ecbq0eTL4uwQbt%2BszQ8QFL%2B7Jtdxf2xSalP%2B5C1IEjUYWooWsVkwso8kIlmv%2BRB%2BZQgkIlvfiv2bd0cIKjRoR3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab8d97e4069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
jquery-latest.min.js
www.grandfortunecampaign.com/landing/50-free/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/js/jquery-latest.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

:path
/landing/50-free/js/jquery-latest.min.js
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"1762a-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i30S3bSZy1AMe3P%2FcYkMlkLf6W0sjOz73IZa7ODQVmxduN09gOPUwMSh5fdmGkd0F30oq2v1QUZlf5A%2B2loyBbiN%2FMymGVHw3QMhgBFXHRkDTv3p9RfUcTe5AHqEihY4u115j%2BJr2TCR6QoVwi%2B2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a292ab8d97f4069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
179673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27192
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64FN1Cw3D%2BWyN3pbM6Cp5pZN%2F0WDbEPqmHdvWrC%2F0tA%2B0E%2By2AwtN3hMzcUZHFPKtzeXog5zesipdyCwu3wnrVGBDYea%2F8IGikcYgs3ODl7YiD72iNcRo0MHaQE3DAG2YQI8ExSd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a292ab90df6fadf-DUS
expires
Thu, 13 Oct 2022 07:14:09 GMT
slick.min.js
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
180773
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19158-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"a3e1-6fy8xPpwy6CTuB2YKht4UJQUzvc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a292ab90c43215d-DUS
scripts.js
www.grandfortunecampaign.com/landing/50-free/counter/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/js/scripts.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8863ca3a1c6df61872d6a06e202811f5af85565cb83351918eb74775e981f0f1

Request headers

:path
/landing/50-free/counter/js/scripts.js
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"164c-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9XGMdsAUoPjR9pCM4FyPsGya%2BfInlTcfrZvxXe6ids8Vj%2FPG9L9WHbpQH2UrqHulLk0S2jPnEQ67oMTLfiRtyoct%2FoYrZP82f2M5ertJWCbO2SXXWvSb6hnV4NrX3AUMhS9MqPzO1NY95ynhmkS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a292ab8e9824069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
tweenmax.min.js
www.grandfortunecampaign.com/landing/50-free/popups/js/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/js/tweenmax.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490

Request headers

:path
/landing/50-free/popups/js/tweenmax.min.js
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"181e1-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eqQR%2FNBCU9xJDMmOU%2FO%2Blq22O13X6i%2FfmyxQ9q7r%2FBPWhobB3DtU4DmymbsCJ68z5QEQcKJ%2BC6bjglB3MN7xJTauJam74aul97XF0IFIaGRZORML8AX1KKvKQbzuRL0noT%2BAosy5d7qpAM9YDkI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a292ab8e9834069-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
180637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQuolkLpA2fbVq7dAPFaT1GJ0MSBhJILl7uWp3FvhO3dJnXP3%2FmcN%2F2jM1D6lkc3xbgMZuUz3ybQWX87nVI7D3C5bi6mM0i53PCd4gWMuM1OBivigeKLYzI%2BXnzQGBwGsmZS6SOR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a292ab90df7fadf-DUS
expires
Thu, 13 Oct 2022 07:14:09 GMT
grandfortune.svg
www.grandfortunecampaign.com/images/ 		24 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/images/grandfortune.svg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034b1040796c1413d9dcfbd26850401e872bc36b66286c4b2d3c683f710a808f

Request headers

:path
/images/grandfortune.svg
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"5e91-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27IfmbfDLss%2BLLkb0Go3vhNokWbSXys1VozOiEtVQJ%2Bls6A7klIPVBbmCRs0pwTIoCM8pfq1qTo8OQzc%2BhdwrsxA8n8o7aJBltlodo6uWTDgmrI%2BW2hHu3EHGa1nF7RjaKMg8mbkIiNH5T35ZWAh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
6a292ab9898739c3-CDG
expires
Sat, 20 Nov 2021 11:54:53 GMT
awards.png
www.grandfortunecampaign.com/landing/50-free/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/awards.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47854232f08b79d1af5c7af5649ad35a4e3840f40551ce780c148fa458b8840

Request headers

:path
/landing/50-free/images/awards.png
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15667
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"3d33-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9i7U6BaNQLaa4EpW5D5%2F44kvl8g8mhZ6ZSWpa81NHhW183zJanek%2F%2FUbMDGvUvGaq5MKp6EtiLtbJzkogWZWKBGcBsF3lYz60SEg456VYJS78Z10CnHitqTT2or1ntoXI4dAtT8ekMIw4yer7ei"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9898939c3-CDG
expires
Fri, 21 Oct 2022 12:57:16 GMT
slots-screen.png
www.grandfortunecampaign.com/landing/50-free/images/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/slots-screen.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f78e52f1de361a02ac34324bf417159c20471e2eafe3b5752cead7bfeb8a2d2d

Request headers

:path
/landing/50-free/images/slots-screen.png
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
500459
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"7a2eb-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l%2B9Z6gXxc3ysKmyrIxm0R5aEQClNimCQO6TiFt8bZltwMVsZP2Mtr1yWPtmAZFWNW25FhZaTlJUTkCvbDNSlqMqG39ddaSrUNAj10LN%2FtG%2BRsR9MA6CQHFNtl1eOHr8UwBmcHNesO8SMV766PXL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9898b39c3-CDG
expires
Fri, 21 Oct 2022 21:30:38 GMT
icon-1.png
www.grandfortunecampaign.com/landing/50-free/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/icon-1.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e23eed0cf6103ec950596b7833c64101e0a25460569b85e762c952028463769

Request headers

:path
/landing/50-free/images/icon-1.png
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2553
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"9f9-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm8Cx29Q9Zd47ceM0gUb9%2FTWkEQ5a%2B02%2FjPBCw39Q%2Fb8BoQpgIqighfEq8q0b4LmBlHKwp69VOMPMVk7%2FrJzHL%2FQz0Z5pw0sRBLAtO8NO9ckwWGolWKG3cpP4wpb0YwwenkSqnHaPx2uhBsRSFRj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9898c39c3-CDG
expires
Fri, 21 Oct 2022 12:57:16 GMT
icon-2.png
www.grandfortunecampaign.com/landing/50-free/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/icon-2.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84abba102e41fb04e1c1b3cf96332fd7f7025839ac2a49f0d07ae0da5963e0a2

Request headers

:path
/landing/50-free/images/icon-2.png
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3490
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"da2-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVh9R4utNycDHYln%2BG4LURQ138e1oM9ZPo6IxOFopSrBPQEm%2FpHNC0cvgls6eV1ZAgIPRIAfIfXdJi5xl5OCpm1Dq%2FluU3NFqTJB8f0zWyUdLkl0lDeBxQDJiZAHoltp%2FIxNe7AKAupp5W%2FqVVeQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9898e39c3-CDG
expires
Fri, 21 Oct 2022 12:57:16 GMT
icon-3.png
www.grandfortunecampaign.com/landing/50-free/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/icon-3.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d4b72fed63c2bedd55717f916131658b0c76ce85ecd48c690ba49aebd8535e

Request headers

:path
/landing/50-free/images/icon-3.png
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2542
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"9ee-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxlJ661s7g0FndNqfaneZqO8L%2BQ1k1HSY%2BFDoo3tGK6ZLqFiAq3QM4HtMds5Xsk1Nh383E7F8%2Bq8s0%2FlpWoXqIhdYq7UzhZXGVNSB36AMqrh%2B4J3OWurA%2FxJ5zBz2V%2BpErbKAY4jh7%2F1Iubz0Bwd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9899039c3-CDG
expires
Fri, 21 Oct 2022 12:57:16 GMT
payment-methods-us.svg
www.help4casino.com/payment-methods/ 		39 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.help4casino.com/payment-methods/payment-methods-us.svg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 22 Oct 2021 17:23:46 GMT
server
cloudflare
etag
W/"9a2f-5cef4460aac80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXJ8kedm4tL1D7YCT1Nq1bRcbQWRnFeC79O0GMv8Ttxvuf2esu6GhDvyPxLUX27S8mHoeIgHTPZ%2Br0Fbe8frQyM2vr4Je6hNdYP%2FDYkB2S4YBP9bb2aLJFexSOZzNvzeHowth%2Fbe"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
6a292ab9da213b91-CDG
expires
Sat, 23 Oct 2021 17:37:29 GMT
game1.jpg
www.grandfortunecampaign.com/landing/50-free/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/game1.jpg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee2a01b0f01d54bcda07e8dfcc91dd998897cbaa6bee18a0838fce701da405a

Request headers

:path
/landing/50-free/images/game1.jpg
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19357
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"4b9d-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIAm2yuwbUXsFvH%2B9088Zl03ZRgQzRUzKVGpEqmlGcr0tog%2FkOoo07C8MfSYdylzc3A01MEb9zToM9%2BBKzmYO1MSXpqRnb50ckA1nROmsgB6SZoda%2F2eZirRfIVaDR5PtkLG918oDOWw%2F6r9vdJH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9899239c3-CDG
expires
Fri, 21 Oct 2022 12:57:16 GMT
game2.jpg
www.grandfortunecampaign.com/landing/50-free/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/game2.jpg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7be5f7af15c773c10ed2b23e9ece15daf69a545b01bfb73fe220f96311120d

Request headers

:path
/landing/50-free/images/game2.jpg
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16638
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
"40fe-5cedb5c954780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzZ2iF44tPXLVUgYndit17EIVggDrtiUbemkRc5xfdV5h%2F38vLG9hwOgAFMoZsx%2BlCOWV%2BKCptrDE%2F%2B1GywOweVQwX7%2BSCLxA2dQaUPmu58sPYikwIFOOHWZGW1fWDi%2BNTqNEg2z61S1Yt3ZWDL4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a292ab9899539c3-CDG
expires
Fri, 21 Oct 2022 12:57:16 GMT
control_landing.min.js
www.grandfortunecampaign.com/landing/50-free/popups/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/js/control_landing.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306e2592b08cc94178123aea2e0fe59055ff5f0a9dae15d73f0c89d33c192ad6

Request headers

:path
/landing/50-free/popups/js/control_landing.min.js
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"eb1-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmfQsWwSIwpOEDvp3gm7XyIDXKKisro8lbPSksExTJQYYiW%2Fr9MA2e%2Fti%2BSxfemkddE6CZcZyWHbjq7VPFxQXjYlqiDDWEM4eVaYQcYupdLxGSoTg7uzQ2ttekbRigOhKG5p1S%2FtjN1BCIhrF4dJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a292ab9390339c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
clipboard.min.js
www.grandfortunecampaign.com/landing/50-free/popups/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/js/clipboard.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Request headers

:path
/landing/50-free/popups/js/clipboard.min.js
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"29a6-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QWddrSS%2BSEnHsyh%2BJKXN8LjywYt8he0N5L89qlbG6oh0e%2FILJp5NnMWBCkDiU8poKzAPKdXgw8FvC2c6O3rCQA2FROTrgBx0zYoABXvsi9f2U4x09LyxBnEkpo7HNyojtaoX00Nodq80UKhHTB0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a292ab9595039c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
terms_behaviors.js
www.grandfortunecampaign.com/landing/50-free/js/ 		408 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/js/terms_behaviors.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfe8ed9f08e1efa70d7cbb83a1755040e454af0dc4108f407a0529380ef5b1a

Request headers

:path
/landing/50-free/js/terms_behaviors.js
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"198-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr5QkuBgWAPFCGuQo5kOnaZaDOtfS%2BFnbVX8U7jUbtJOiXa%2FEyDq5d6iHvLvEsA95qmKZO29lrxakt2fgHyt3VS87THlil3hUjKsdJXkLDTcnOc02P7mXlUyI5Q%2Blq8Uenemspq%2Fo8o0b0itcdKU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a292ab9695b39c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
gtm.js
www.googletagmanager.com/ 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNLBBP5
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1dc18726f2118db95ace162f489e20e2d9df5d17a042935b4b2438d4fb2ad976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37761
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Oct 2021 07:14:09 GMT
css2
fonts.googleapis.com/ 		0
0
style.css
www.grandfortunecampaign.com/landing/50-free/css/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/style.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f708bfa223e488ff1e940156fd6a02f2350057c0c085d6d0e44903c8dd79e61

Request headers

:path
/landing/50-free/css/style.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"2746-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FkGkJU7rz9Etfsr4dUekOV1Jsx%2B9%2BPP0vvqoOdbBvQU0RkH%2Fp%2Fp62TfjwcVDo5IrubAkdffNOghV13pSejTb0pP01sUAMBIiAgvSpycWuA1w2YVmY5Ixx6SccyoiCjBfMW8ODAvTGPl6I0wbuEw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab9b9cb39c3-CDG
expires
Sat, 20 Nov 2021 21:30:38 GMT
load.css
www.grandfortunecampaign.com/landing/50-free/css/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/load.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77720299b5059899bed4f6fbdc585017b8b11c6f956fc636614df63251a0a42a

Request headers

:path
/landing/50-free/css/load.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"656-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV7DzxjsifPeHNHvnCod1Fqq59Py5eSJVaB2xWRl9xDaIqWTFMGQQMP5L07A%2FLZe%2BhLa7MY4YorJMKkP%2BlVm44W9PFUZDC6W2cas%2Fe8ul%2FCqj8%2FwFQXK1kZFKHM6NJtjyzBBx8ztVE3cQmEepMl4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab9b9cc39c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/counter/css/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/css/style.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9afd9142b98d20ece226c8d14fe85cc19979410633ca6e58fa1d1341c6fbb89

Request headers

:path
/landing/50-free/counter/css/style.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"10c5-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrQ7DI24nf1G7xVzs9IfwDMO4vTa9w%2F3GCpl0ZXE8dYtH70Cf%2BKCI2tG7KI2FMc1wyTLttyJhwdGXsGHP5ai%2FS0IZSEjQqDK5aMZXB0hO9ql9ytHgiElRruGeqVXZFLz5MnZTgsgY%2FPof16HfTDU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab9b9cf39c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
layout.css
www.grandfortunecampaign.com/landing/50-free/popups/css/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/css/layout.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8baf7f080fc8c04eae5341a63177b4449380698cab88957011c1261ea693d6

Request headers

:path
/landing/50-free/popups/css/layout.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"1517-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IayzUJed9g1DE4VbfZTYn0p9tCt%2Fs05rR2FuRvZqbz%2Bdz3HJcsSlRwbCqy%2F0PwrWBqI42YY99JZ3o11fUkjKLOTcabO3XpLnRZj6S8V1%2BcZocTHyO89eWs6sfSriZCTcD0w2osXUr9Ul0Cxi2RRm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab9b9d139c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-897"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXEmCKkZa1UXPxrOUDMvkpJcxphmhsk%2FaIQMOpO%2B8MclhHsYFHNGmLDT1WmR7IFraMca2qJ7C2rEaqyH%2BFxTMPXgKvonPEcigR3I56R550ZWv%2FAphhR70K5T9qafBKTIZKqz3mz9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a292ab9cfd8716e-DUS
expires
Thu, 13 Oct 2022 07:14:09 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/sparkles/css/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/sparkles/css/style.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8b3a057e9069acdf5b016b587c75a1bfd85d2693014dfffa37748a484164d8

Request headers

:path
/landing/50-free/sparkles/css/style.css
pragma
no-cache
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 07:14:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 11:40:30 GMT
server
cloudflare
etag
W/"b2c-5cedb5c954780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsLvanvgqiceF35uWStQFJGT2Ax53B3XRdEyJrFHdtR6jtzTQb%2FF8EacHTPh7JW8490eERibnb9fdPMg48%2B28WOAkie0k3ZBrhGxwhUpzUSVUQ43xRajJ%2FnSLHa1StgU%2FWp%2BUJZC6qnOhaRPWv%2FE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a292ab9b9d339c3-CDG
expires
Sat, 20 Nov 2021 12:57:16 GMT
getjackpot.php
www.grandfortunecampaign.com/landing/50-free/counter/php/ 		10 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/php/getjackpot.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1343e990813e6dc86a7fd6870654b723bb475a617055915e17d3afadf22c7d

Request headers

sec-fetch-mode
cors
origin
https://www.grandfortunecampaign.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
PHPSESSID=eq4qg6dcaq53tp56el2637h2er; affid=5795; trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce
content-length
0
:path
/landing/50-free/counter/php/getjackpot.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grandfortunecampaign.com
referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:14:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFsu%2FRFASFHz%2BNNBccsoo%2FkqEqeAmG%2FJfku0%2Bh2VQcjfI74TH6HYb1zWcaSiJlge6OQ8VIaBEFiPYnGDIFths3lHGcG5p3xnl5KJSOoaLntlVPz1VAA0FNwjOuCKzkkCllu6zR3UEsKA9XkznMKR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
set-cookie
affid=5795; expires=Tue, 22-Oct-2024 07:14:09 GMT; Max-Age=94608000; path=/ trackingID=GFCU91e481fbd69c43b006987d2f95efe4ce; expires=Tue, 22-Oct-2024 07:14:09 GMT; Max-Age=94608000; path=/
cf-ray
6a292ab9d9f639c3-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNLBBP5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
4415
date
Sat, 23 Oct 2021 06:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 08:00:34 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1454338218&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandfortunecampaign.com%2Flanding%2F50-free%2F%3Faffid%3D5795%2Ct%3DGFCU91e481fbd69c43b006987d2f95efe4ce%2Cycid%3D25%2Cyaid%3D4473%2Cybid%3D777607&dr=https%3A%2F%2Fnameluxuries.com%2F&ul=en-us&de=UTF-8&dt=Choose%20your%20bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1946135474&gjid=2129882294&cid=2144345424.1634973250&tid=UA-56767102-1&_gid=2081653969.1634973250&_r=1&gtm=2wgak0NNLBBP5&z=18494345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandfortunecampaign.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:14:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandfortunecampaign.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| dataLayer function| $ function| jQuery object| RotatingCounter object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| StyleFix object| PrefixFree function| ClipboardJS object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| initial_jackpot string| el_class string| prev_jackpot string| chunk number| notwholesome string| last_chunk string| joined string| fixed_floated string| f number| delay

10 Cookies

Domain/Path Name / Value
nameluxuries.com/ Name: uid3366
Value: 621574008-20211023031408-a876858cb149efbf254fd58758567505-
www.grandfortunelinks.com/ Name: bGZMNXh2MzNDN0ZUMnRYV1dOUnRWUT09
Value: 1634973248
www.grandfortunelinks.com/ Name: Q2x5NC9ibWJYbGhLdXVMWnFDVEpLdz09
Value: 1634973248
www.grandfortunelinks.com/ Name: eResponse
Value: Success-1
www.grandfortunecampaign.com/ Name: PHPSESSID
Value: eq4qg6dcaq53tp56el2637h2er
www.grandfortunecampaign.com/ Name: affid
Value: 5795
www.grandfortunecampaign.com/ Name: trackingID
Value: GFCU91e481fbd69c43b006987d2f95efe4ce
.grandfortunecampaign.com/ Name: _ga
Value: GA1.2.2144345424.1634973250
.grandfortunecampaign.com/ Name: _gid
Value: GA1.2.2081653969.1634973250
.grandfortunecampaign.com/ Name: _gat_UA-56767102-1
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU91e481fbd69c43b006987d2f95efe4ce,ycid=25,yaid=4473,ybid=777607
Message:
Access to XMLHttpRequest at 'https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap' from origin 'https://www.grandfortunecampaign.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
jarjav.com
nameluxuries.com
storage.googleapis.com
www.google-analytics.com
www.googletagmanager.com
www.grandfortunecampaign.com
www.grandfortunelinks.com
www.help4casino.com
fonts.googleapis.com
104.16.19.94
104.16.86.20
104.21.50.143
142.250.185.78
142.250.186.106
142.250.186.176
172.217.23.104
172.67.146.112
185.177.57.143
191.101.232.101
209.172.32.161
034b1040796c1413d9dcfbd26850401e872bc36b66286c4b2d3c683f710a808f
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1dc18726f2118db95ace162f489e20e2d9df5d17a042935b4b2438d4fb2ad976
25d4b72fed63c2bedd55717f916131658b0c76ce85ecd48c690ba49aebd8535e
2f708bfa223e488ff1e940156fd6a02f2350057c0c085d6d0e44903c8dd79e61
306e2592b08cc94178123aea2e0fe59055ff5f0a9dae15d73f0c89d33c192ad6
3c1343e990813e6dc86a7fd6870654b723bb475a617055915e17d3afadf22c7d
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b7be5f7af15c773c10ed2b23e9ece15daf69a545b01bfb73fe220f96311120d
5e23eed0cf6103ec950596b7833c64101e0a25460569b85e762c952028463769
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbcff57d1ec7003f1de0ae8c55eed7e621019735f93234bd05bfbcf6970a5d0
77720299b5059899bed4f6fbdc585017b8b11c6f956fc636614df63251a0a42a
84abba102e41fb04e1c1b3cf96332fd7f7025839ac2a49f0d07ae0da5963e0a2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8863ca3a1c6df61872d6a06e202811f5af85565cb83351918eb74775e981f0f1
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54
bee2a01b0f01d54bcda07e8dfcc91dd998897cbaa6bee18a0838fce701da405a
d47854232f08b79d1af5c7af5649ad35a4e3840f40551ce780c148fa458b8840
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
ed8b3a057e9069acdf5b016b587c75a1bfd85d2693014dfffa37748a484164d8
ee8baf7f080fc8c04eae5341a63177b4449380698cab88957011c1261ea693d6
f78e52f1de361a02ac34324bf417159c20471e2eafe3b5752cead7bfeb8a2d2d
f9afd9142b98d20ece226c8d14fe85cc19979410633ca6e58fa1d1341c6fbb89
fbfe8ed9f08e1efa70d7cbb83a1755040e454af0dc4108f407a0529380ef5b1a
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3